Devise and cancan gems: has_many association
Posted
by
tiktak
on Stack Overflow
See other posts from Stack Overflow
or by tiktak
Published on 2012-07-08T15:04:27Z
Indexed on
2012/07/08
15:15 UTC
Read the original article
Hit count: 255
I use devise
and cancan
gems and have simple model association: user
has_many subscriptions
, subscription
belongs_to :user
. Have following SubscriptionsController
:
class SubscriptionsController < ApplicationController
load_and_authorize_resource :user
load_and_authorize_resource :subscription, through: :user
before_filter :authenticate_user!
def index
@subscriptions = @user.subscriptions.paginate(:page => params[:page]).order(:created_at)
end
#other actions
end
And Cancan
Ability.rb
:
class Ability
include CanCan::Ability
def initialize(user)
user ||=User.new
can [:index, :show], [Edition, Kind]
if user.admin?
can :manage, :all
elsif user.id
can [:read, :create, :destroy, :pay], Subscription, user_id: user.id
can [:delete_from_cart, :add_to_cart, :cart], User, id: user.id
end
end
end
The problem is that i cannot use subscriptions
actions as a user but can as a admin. And have no problems with UsersController
. When i delete following lines from SubscriptionsController
:
load_and_authorize_resource :user
load_and_authorize_resource :subscription, through: :user
before_filter :authenticate_user!
Have no problems at all. So the issue in these lines or in Ability.rb
. Any suggestions?
© Stack Overflow or respective owner