
Unable to configure cancancan in Rails

I am using active_admin and cancancan gem.

ability.rb

    # Grants: an admin may do everything; every other caller — regular,
    # guest, or a user whose `role` matches neither — is read-only.
    # Nothing here grants :create, so a guest cannot create a Post from
    # these rules alone.
    # `user` must be the instance handed to Ability#initialize; if it is
    # reassigned earlier in the method (e.g. to a fresh guest), every
    # caller ends up in the non-admin branch whatever their real role.
    if user.admin?
        can :manage, :all
    else
        # regular and guest currently receive identical grants
        can :read, :all
    end

I have a role column in the database. It is basically a blog.

schema.rb

# Generated by Rails from the migrations; change the migrations, not this file.
ActiveRecord::Schema.define(version: 2019_02_18_221247) do

  # ActiveAdmin's comment table. The author_type/author_id and
  # resource_type/resource_id pairs look like polymorphic references.
  create_table "active_admin_comments", force: :cascade do |t|
    t.string "namespace"
    t.text "body"
    t.string "resource_type"
    t.integer "resource_id"
    t.string "author_type"
    t.integer "author_id"
    t.datetime "created_at", null: false
    t.datetime "updated_at", null: false
    t.index ["author_type", "author_id"], name: "index_active_admin_comments_on_author_type_and_author_id"
    t.index ["namespace"], name: "index_active_admin_comments_on_namespace"
    t.index ["resource_type", "resource_id"], name: "index_active_admin_comments_on_resource_type_and_resource_id"
  end

  create_table "categories", force: :cascade do |t|
    t.string "category"
    t.datetime "created_at", null: false
    t.datetime "updated_at", null: false
  end

  # user_id and category_id carry no index and no foreign-key constraint in
  # this schema, so referential integrity rests entirely on the models.
  create_table "posts", force: :cascade do |t|
    t.string "title"
    t.text "body"
    t.integer "user_id"
    t.date "published_at"
    t.datetime "created_at", null: false
    t.datetime "updated_at", null: false
    t.integer "category_id"
  end

  # Devise account table (email/encrypted_password, reset-password and
  # remember-me columns).
  create_table "users", force: :cascade do |t|
    t.string "email", default: "", null: false
    t.string "encrypted_password", default: "", null: false
    t.string "reset_password_token"
    t.datetime "reset_password_sent_at"
    t.datetime "remember_created_at"
    t.datetime "created_at", null: false
    t.datetime "updated_at", null: false
    # `role` is a free-form string with no default and no NOT NULL
    # constraint: a row may hold nil or any value, and code that compares
    # it against fixed role names treats anything unexpected as the
    # fallback case. Whether `role` can be mass-assigned is decided by the
    # controllers, not visible here — worth confirming.
    t.string "role"
    t.index ["email"], name: "index_users_on_email", unique: true
    t.index ["reset_password_token"], name: "index_users_on_reset_password_token", unique: true
  end

end

user.rb

# Devise-backed account with a single string `role` column that drives
# authorization (see ability.rb).
class User < ApplicationRecord
  # Include default devise modules. Others available are:
  # :confirmable, :lockable, :timeoutable, :trackable and :omniauthable
  devise :database_authenticatable,
         :recoverable, :rememberable, :validatable

  has_many :posts

  # Role names as stored in the `role` column; compared verbatim, so the
  # comparison is case-sensitive. The column has no default, so a user
  # whose role is nil or misspelled answers false to all three predicates.
  ADMIN_ROLE = "admin"
  REGULAR_ROLE = "regular"
  GUEST_ROLE = "guest"

  # @return [Boolean] true only when role is exactly "admin"
  def admin?
    role == ADMIN_ROLE
  end

  # @return [Boolean] true only when role is exactly "regular"
  def regular?
    role == REGULAR_ROLE
  end

  # @return [Boolean] true only when role is exactly "guest"
  def guest?
    role == GUEST_ROLE
  end
end

Goal

My goal is to not allow a guest user to create a new Post.

Problem

The problem is that I am getting "access denied" for both the admin and the guest user, even though I have clearly defined what each type of user can do in ability.rb.

If you need more info about the code you can check it on github.

Thank you in advance.


Answers (1)


The problem is that you are overriding the user that's passed to the Ability class. Remove this line:

user = User.new(role: "guest")

