Add CanCanCan for Authorization

[jendiamond]

[Pull Request #]()

http://blog.kangkyu.com/authorization-with-pundit

CanCanCan

---

SuperAdmin

• Can Create User
• Can Modify User
• Can Delete User
• Can View Admin Panel
• Can Make Changes in Admin Panel

  Admin

• Can View Admin Panel

  Applicant (Member)

• Can Edit their own Membership
• Can Delete their own Membership
• Can Edit their own User Info
• Can Delete their own User Info
• Can Upload Tutorials

  Guest

• Can View Static Pages

[jendiamond]

Because I am using Rails Admin I am following these directions: https://github.com/sferik/rails_admin/wiki/Authorization

To use an authorization adapter, pass the name of the adapter. For example, to use with CanCanCan, pass it like this.

RailsAdmin.config do |config|
  config.authorize_with :cancan
end

---

Add gem "cancancan" to Gemfile

$ bundle

---

Next, run the generator to create an Ability class. This is where authorization rules are defined.

$ rails g cancan:ability create app/models/ability.rb

---

CanCanCan with Rails Admin

Add this to config/initializers/rails_admin.rb

RailsAdmin.config do |config|
  config.authorize_with :cancan #TODO add cancancan to rails_admin config
end

---

Rails Admin & Devise

RailsAdmin.config do |config|

  # == Devise ==
  config.authenticate_with do
    warden.authenticate! scope: :member
  end
  config.current_user_method(&:current_member)

  # == Cancan && Rails Admin https://github.com/sferik/rails_admin/wiki/Base-configuration
  config.authorize_with :cancan

  ## == Gravatar integration ==
  ## To disable Gravatar integration in Navigation Bar set to false
  # config.show_gravatar true

  config.actions do
    dashboard                     # mandatory
    index                         # mandatory
    new
    export
    bulk_delete
    show
    edit
    delete
    show_in_app

    ## With an audit adapter, you can add:
    # history_index
    # history_show
  end
end

---