How do I use CanCan with rails admin to check for ownership

About

Asked 21/12, 2011 at 14:47 Answered 10/2, 2012 at 5:14

Solved ruby-on-rails ruby-on-rails-3 cancan rails-admin

When a user in my app isn't an admin user i want to only let them see the fields that they have ownership of.

Is there a so set can :see or something like that on a per field basis so that it displays just the fields that that use "can see", or should I have an ability called can :oversee to state that they can see everything instead.

I suppose it's much easier to just check if the user is admin or not in rails admin, so where set rails admin to only pull the current user's records.

Electrodynamics answered 21/12, 2011 at 14:47 Comment(0)

With cancan, you can check permissions on objects like this:

if can?(:read, order)
  # do something!
end

if can?(:email, order)
  # do something!
end

But that's only referring to visibility at the object level.

In RailsAdmin, you can set field visibility by passing in a blocks, described here.

For example:

RailsAdmin.config do |config|
  config.model Order do
    list do
      field :name
      field :profit do
        visible do
          current_user.roles.include?(:admin)
        end
      end
    end
  end
end

Gwin answered 10/2, 2012 at 5:14 Comment(0)

Hot tags

Godot Unity Godot Help Programming Godot 4.X GUI GDScript 3D 2D Physics CSharp Godot 3.X VR XR Projects C++

Recommended topics

Hot tags