-
PR #142 introduced event organizers, users that created an event and are able to edit it.
This is done by **not rendering the form if the user cannot edit the event**. Of course, any malicious user…
-
Hi,
I have a model with a self.accessible_by(ability, action) method defined. Let's call the model Thing. This method does return an ActiveRecord::Relation instance.
In the ThingController, load_and…
-
When you have a controller named differently from rails pluralize pattern (i.e. "Imovel" model and "Imoveis" controller) you will get this error because CanCan tries to reference a model named "Imovei…
-
So when i choose a plan as a user in my project, stripe registers it and the new subscription is visible in the stripe dashboard. This seem to be working just fine.
However, when i try to edit th…
-
app/models/ability.rb
``` ruby
def initialize(user)
...
can :read, User, id: user.id
if user.admin?
can :read, User
end
end
```
rails console
``` ruby
user = User.find(2) # User 2 is…
-
`def initialize(staff)
staff ||= Staff.new
can :manage, Store do |store|
store.staff_privileges.select(&:owner?).map(&:staff_id).include? staff.id
end
end`
I am not sure why `staff.can…
-
``` ruby
cannot :read, Foo
can :read, Foo, ["bar_id = ?", user.bar_id] do |foo|
foo.bar_id == user.bar_id
end
```
yields
`undefined method '%' for ["bar_id = ?", 2]`
while
``` ruby
cannot :read,…
-
Majority of functionality and implementation of Cancan is not rails specific.
However, it is tightly coupled, making it impossible to be used with lighter framework, like with Rack directly or with S…
-
CanCan 2.0 currently doesn't correctly works with [Draper](https://github.com/jcasimir/draper/tree/), since Draper wraps over the model object, its class name become that of Draper's class name. So Ca…
sirn updated
10 years ago
-
Some of my findings using cc2.0:
1 . Craps out with multiple rules going through the same nested association:
``` ruby
Sale.joins(:order_request => :business_site).where({:order_request => {:business…
gamov updated
10 years ago