user2888062

Rails cancan gem won't authorize only new action

Using cancan I'm not able to create a new record. I have tried to read the documentation but I can't find any help for this.

class Ability
  include CanCan::Ability

  def initialize(user)
    if user.nil?
      # Guests may only read.
      can :read, Branch
      can :read, Leaf
    elsif user.role? "admin"
      can :manage, :all
    else
      # Regular users manage only the records they own.
      can :manage, Branch, :user_id => user.id
      can :manage, Leaf, :branch => { :user_id => user.id }

      # Also can read all.
      can :read, :all
    end
  end
end

Controller:

before_filter :authenticate_user!, :except => [:index, :show]

  def new
    @branch = Branch.new
    authorize! :new, @branch, :message => 'You are not authorized to perform this action.'
    respond_to do |format|
      format.html # new.html.erb
      format.json { render json: @branch }
    end
  end

  def create
    @branch = Branch.new(branch_params)
    authorize! :create, @branch, :message => 'You are not authorized to perform this action.'

    respond_to do |format|
      if @branch.save
        format.html { redirect_to user_branches_path(current_user.username), notice: 'Branch was successfully created.' }
      else
        format.html { render action: 'new'}
      end
    end
  end

Upvotes: 3

Views: 331

Answers (1)

MPinneo

Reputation: 21

I'm guessing you are on Rails 4, which by default uses strong parameters; it doesn't play nicely with CanCan. It's outlined in this blog. Try CanCanCan, which is the continuation of the dead CanCan project.

Upvotes: 1
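
How the `Branch` rules from the question's `Ability` evaluate against an unsaved record, as an added example that is not part of the original posts or of the CanCan gem. `MiniAbility` is a simplified stand-in for CanCan's rule matching; `User`, `Branch`, the ids and `role` (in place of `role?`) are constructed for the example, and the `Leaf` rules are left out.

```ruby
# Simplified stand-in for CanCan's rule matching (not the gem's code).
# Constructed sample models; only the attributes the rules look at.
User   = Struct.new(:id, :role)
Branch = Struct.new(:user_id)
class MiniAbility
  # CanCan aliases :new to :create, :index/:show to :read, :edit to :update.
  ALIASES = { new: :create, index: :read, show: :read, edit: :update }.freeze

  def initialize(user)
    @rules = []
    if user.nil?
      can :read, Branch
    elsif user.role == "admin"
      can :manage, :all
    else
      can :manage, Branch, user_id: user.id
      can :read, :all
    end
  end

  def can(action, subject, conditions = {})
    @rules << [action, subject, conditions]
  end

  # A class subject skips the hash conditions; an instance must match them all.
  def can?(action, subject)
    action = ALIASES.fetch(action, action)
    klass = subject.is_a?(Class) ? subject : subject.class
    @rules.any? do |rule_action, rule_subject, conditions|
      next false unless [:manage, action].include?(rule_action)
      next false unless [:all, klass].include?(rule_subject)
      subject.is_a?(Class) || conditions.all? { |attr, want| subject[attr] == want }
    end
  end
end

def demo
  owner = MiniAbility.new(User.new(7, "member"))
  {
    blank_new:   owner.can?(:new, Branch.new),      # user_id is nil
    owned_new:   owner.can?(:new, Branch.new(7)),   # user_id set before the check
    class_new:   owner.can?(:new, Branch),          # class-level check
    others_read: owner.can?(:show, Branch.new(8)),  # allowed by can :read, :all
    others_edit: owner.can?(:edit, Branch.new(8)),
    guest_new:   MiniAbility.new(nil).can?(:new, Branch.new)
  }
end

puts demo.inspect
```

A blank `Branch.new` does not satisfy the `:user_id => user.id` condition, while a record that already carries the owner's id does.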
