CODEWITHSUNDEEP
ruby-on-rails
Mauro
Mauro

Reputation: 1235

Using cancan with gems controllers

First of all sorry for my bad english. I've installed cancan and bigbluebutton_rails, https://github.com/mconf/bigbluebutton_rails. The gem bigbluebutton_rails has some models and controllers, for example has bigbluebutton/servers_controller.rb. This controller has some actions like create, join, authorize, etc. I want that only users with role admin can create. What can I do? I need to put load_and_authorize_resource in bigbluebutton/servers_controller.rb? But it is inside a gem and I think it is not recommended to modify gems code.

Upvotes: 0

Views: 110

Answers (3)

leonardodaronco
leonardodaronco

Reputation: 76

Complementing Sam Peacey's answer, now BigbluebuttonRails has a (rather simple) wiki page describing how to integrate it with CanCan: https://github.com/mconf/bigbluebutton_rails/wiki/How-to:-Integrate-with-CanCan

You can also use the application Mconf-Web (https://github.com/mconf/mconf-web) as an example. The version currently in the branch branch-v2 (https://github.com/mconf/mconf-web/tree/branch-v2) uses CanCan, Devise and BigbluebuttonRails, all working together.

Upvotes: 0

rewritten
rewritten

Reputation: 16435

In ruby you can reopen classes, so put some code in /config/initializers/bigbluebutton.rb that says

require 'bigbluebutton'

class Bigbluebutton::ServersController < ApplicationController
  load_and_authorize_resource!

  # you also have to overwrite this method so the @server loaded
  # by CanCan is not overwritten by Bigbluebutton
  def find_server
    @server ||= BigbluebuttonServer.find_by_param(params[:id])
  end
end

Upvotes: 0

Sam Peacey
Sam Peacey

Reputation: 6034

They have a page for integrating with cancan: https://github.com/mconf/bigbluebutton_rails/wiki/How-to%3A-Integrate-with-CanCan

But ummm, it hasn't yet been written...

So... They also have a page for integrating with Devise: https://github.com/mconf/bigbluebutton_rails/wiki/How-to%3A-Integrate-with-Devise which has been written, and so extrapolating from that the accepted way would be to inherit the Bigbluebutton::ServersController.

How about creating a custom servers controller as follows:

class CustomServersController < Bigbluebutton::ServersController
  load_and_authorize_resource!
end

Upvotes: 2

Related Questions