Rails CanCan Auth Problem -
I am using the Cancun authorization plugin () for my application and have done great work till now. I set it up like this:
The eligibility of the class includes CanCan :: Ability def initialize (user) user || = User.new # guest user if user.role == "admin" can: manage, all others can: Read, all end end end
this gives me some users Administrators are allowed to nominate and only they can use writing works. Now I want to take this one more step and make it so that people who are not logged in all (current user / user_session is not present) ) Can not access some controllers of the site Not. I know that it should be some type of Alsif, which should be finalized for the user with the middle part of the code and everyone else, however, I did not understand the best way to go about setting it up . Anyone familiar with cancun and how to recognize such a situation in the best manner has some ideas.
Thanks guys, every bit helps me to know more about rail and development in general!
I am not quite familiar with cancan but this type of argument is within the specific controller. This is an excerpt of how I do it. I'm sure you can get the point and it can summarize on cancun.
Class item controller & lt; ApplicationController before_filter: login_required #, or # if_filter: login_required, except = & gt; if you want to restrict it to some actions only. [: Show] # or # ago_filter: login_required ,: only => [: Edit] End Class ApplicationController & lt; ActionController :: Base protected def login_required access_denied! Until current_user.logged_in? End cancellation
CanCan authorization does not have to be a difference;)
Comments
Post a Comment