Login/Register
How to check cancan permission on ActiveAdmin custom page?
Asked Answered
Solved ruby-on-railsrubypermissionsactiveadmincancancan
A

4

6

I've the following Ability:

can :manage, ActiveAdmin::Page, name: 'My Page'

And it is working fine, but I want to check if the user has the ability to manage this ActiveAdmin::Page in different pages. So, when I used the following:

can? :manage, ActiveAdmin::Page, name: 'My Page'

It returned true for any page even if it does not exist!

Annam answered 25/1, 2017 at 11:13 Comment(0)
A
1

Finally, I figured out a way, it looks weird because it uses register_page but it is working:

can? :manage, (ActiveAdmin::register_page 'My Page')
Annam answered 25/5, 2017 at 20:11 Comment(0)
O
9

The code 

can? :manage, ActiveAdmin::Page, name: 'My Page'

checks if the current user can manage an instance of ActiveAdmin::Page whose name attribute is equal to My Page. That is exactly the condition you stated in your abilities file, and that is why it always returns true.

In case you want to know if a user can or cannot access a specific page (which is what I think you are trying to do) you should ask "can I manage this page?" instead of "can I manage a page whose name is My Page?". In the former you are talking about a specific page, and in the later you are talking about pages with a certain characteristic.

In order to ask CanCan whether the current user can access a specific page, just ask:

can? :manage, my_specific_page

where my_specific_page needs to be an instance of ActiveAdmin::Page.

Oporto answered 25/1, 2017 at 11:31 Comment(3)
But I want to used it in a different page!Annam
my_specific_page needs to be an instance of ActiveAdmin::Page, not necessarily the page you are currently visiting. Just have to make sure that my_specific_page is the page where you want to know permissionsOporto
Yes, I agree, but the question now what is the right syntax to access ActiveAdmin page instance?Annam
A
1

Finally, I figured out a way, it looks weird because it uses register_page but it is working:

can? :manage, (ActiveAdmin::register_page 'My Page')
Annam answered 25/5, 2017 at 20:11 Comment(0)
L
1

After I applied register_page solution, the menu dropdowns extended to individual menu links.

This github issue leads me to answer. https://github.com/activeadmin/activeadmin/issues/4783#issuecomment-479562966

I solved like this.

def find_custom_page(name)
   ActiveAdmin.application.namespaces[:admin].resources.find{|r| r.resource_name.name == name }
end

can? :manage, (find_custom_page 'MyPage')
Lafontaine answered 5/5, 2023 at 14:41 Comment(0)
A
0

I just wanted to share what I did for my case:

# ability.rb

can(:manage, ActiveAdmin::Page, name: 'Page Title')

And in the ActiveAdmin page:

action_item :specific_page, only: :show, if: proc { authorized?(:manage, controller.instance_variable_get(:@specific_page)) } do
  link_to 'Page Title', "/admin/..."
end
...  
controller do
  def show
    @specific_page = ActiveAdmin.application.namespaces[:admin].resources.select { |resource| resource.resource_label == 'Page Title' }.first
  end
end
Asthenic answered 3/12, 2021 at 3:23 Comment(0)

© 2022 - 2024 — McMap. All rights reserved.