Solved

CanCan plugin

Posted on 2010-11-25
7
916 Views
Last Modified: 2012-05-10
Hi,

  I am using the Can Can plugin and if you are familiar with it perhaps you can help me.
  I need to create this class Ability. The Ability class has the initialize method and I'd like to add a new parameter there.
  This parameters doesn't come and perhaps somebody could help me.
  Here is the plugin: https://github.com/ryanb/cancan

class Ability
  include CanCan::Ability

  def initialize(user, user_role)
    case (user_role)
      when 1: # administrator
        can :manage, :all
      when 2: # presbyter
        can :read, :all
      when 3: # secretary
        can :read, :all
      when 4: # area_pastor
        can :read, :all
      when 5: # coordinator
        can :read, :all
      when 6: # supervisor
        can :read, :all
      when 7: # leader
        can :read, :all
      when 8: # member
        can :read, :all
      when 9: # frequenter
        can :read, :all      
      else
        # guest user, what TODO ??
    end
  end
end

Open in new window



and I am calling like this:
        <% if can? :update, ConfigMaster, current_user_role %>
        ...
       <% end %>

Open in new window

0
Comment
Question by:lusfernandos
  • 4
  • 3
7 Comments
 
LVL 12

Accepted Solution

by:
JESii earned 500 total points
Comment Utility
You may be able to override the definition of initialize as you did, but that's only half the problem. You also have to find where the Ability class instance is created (with the Ability.new expression) and change those as well.

For example, in lines 276-278 of the file cancan/lib/cancan/controller_additions.rb a new Ability instance is created and there is only one parameter there.

You may be able to solve this problem by leaving only a single parameter but attaching your roles to the user instance, so that you can reference user.user_role
#Code from lines 276-278 of cancan/lib/cancan/controller_additions.rb
    def current_ability
      @current_ability ||= ::Ability.new(current_user)
    end

Open in new window

0
 
LVL 2

Author Comment

by:lusfernandos
Comment Utility
Hi JESii,

  Thanks for your answer. I thought I could do something without changing the plugin/gem. Thinking this way your second suggestion would be perfect, however I did tried sometime back adding an attribute to User, but I wasn't able to ( I am new to Rails ...).
  I am using the authlogic for authenticating the user, so I need to know the exact place to add this attribute. I am thinking about
1) Add a new virtual attribute to User class
2) When the user log in I need to update  that information.
  def current_user
    return @current_user if defined?(@current_user)
    @current_user = current_user_session && current_user_session.record
  end

  Can you point me to the right direction? Thanks a lot
0
 
LVL 2

Author Comment

by:lusfernandos
Comment Utility
Just to add more information about what I am trying to accomplish.
First my login screen has the fields: user, password and role. This means that a user can have several role, however it will login as a specific role.
The role that the user is logged in needs to be checked in the CanCan and now I need to have it saved somehow to my User Model.
This role is just related to the current session, so I believe I just need to add a virtual attribute, I don't actually need to save this info to the database (right?)
Currently I am storing the current_user_role in the session ...
  def current_user_role=(user_role)
    logger.debug "current_user_role (set) --> = #{user_role}"
    session[:user_role] = user_role
    @current_user_role = user_role
    logger.debug "current_user_role (set) #{session[:user_role]}<--"
  end

Open in new window

Hopefully now it is more clear ...
0
Better Security Awareness With Threat Intelligence

See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

 
LVL 12

Expert Comment

by:JESii
Comment Utility
I don't have a specific answer off the top of my head, but here are some thoughts that might be of help to you.

I've used AuthLogic, but always had problems extending it or getting it to play nice with other things I needed to do. I'm going to try Devise on my next project as I hear it's easier to work with: https://github.com/plataformatec/devise

For AuthLogic & CanCan, I've found the following which might help.

1. https://github.com/rainly/authcan_easyroller#readme  - has combined AuthLogic, CanCan, and EasyRoles into a single engine that you can install that seems to have everything you need

2. http://www.agileweboperations.com/role-based-permissions-for-your-ruby-on-rails-application - Is a gem to do authentication and authorization

3. http://www.aeonscope.net/2010/09/21/authlogic-template-100/ - has a basic Rails application template that includes AuthLogic, CanCan and other basic components
0
 
LVL 2

Author Closing Comment

by:lusfernandos
Comment Utility
I was able to add the user_role to the Users model.
0
 
LVL 12

Expert Comment

by:JESii
Comment Utility
Good, lusfernandos... glad that worked out; that's pretty much the standard way to handle a situation like this. And thanks for the points!
0
 
LVL 2

Author Comment

by:lusfernandos
Comment Utility
Thanks, Hope that you help me next time as well :)
0

Featured Post

Free Trending Threat Insights Every Day

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

Suggested Solutions

Title # Comments Views Activity
Session clean at  RAILS server restart 9 814
Rails 3.0 Routing 3 611
Script that doesn't print duplicate lines 2 197
What is 'f.hidden_field' for? 1 295
Article by: narshlob
If you've ever programmed in Ruby and have come across either a proc or a lambda, you might have been wondering what the difference is between the two and when you would use one over the other. This article will try to explain the difference between…
Recently I spent hours debugging an issue in a Rails project where ActiveRecord was causing MySQL errors trying to create a User object of a class at the top level of a Single Table Inheritance model structure.  It turns out `.create` behaves differ…
It is a freely distributed piece of software for such tasks as photo retouching, image composition and image authoring. It works on many operating systems, in many languages.
Excel styles will make formatting consistent and let you apply and change formatting faster. In this tutorial, you'll learn how to use Excel's built-in styles, how to modify styles, and how to create your own. You'll also learn how to use your custo…

763 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now