Skip to content

Instantly share code, notes, and snippets.

@poc7667
Last active December 20, 2015 08:49
Show Gist options
  • Select an option

  • Save poc7667/6102976 to your computer and use it in GitHub Desktop.

Select an option

Save poc7667/6102976 to your computer and use it in GitHub Desktop.
<%= f.hidden_field :user_id, :value => current_user.id %>
class Ability
include CanCan::Ability
require 'pry'
def basic_read_only
can :read, :all
can :list, :all
can :search, :all
end
def basic_operation
binding.pry
can :read, :all
can :list, :all
# can :edit, :all
can :create, :all
cannot :create, ModuleRequest
can :search, :all
end
def initialize(user)
if user.blank?
cannot :manage, :all
basic_read_only
return
end
# user ||= User.new # guest user (not logged in)
if 'admin' == user.role
can :manage, :all
else
cannot :manage, :all
# basic_read_only
basic_operation
# cannot :read, Welcome
end
end
end
<h3>
<p><%= flash[:notice] %></p>
<% if !current_user.nil? %>
user id:
<%= current_user.id %>
<% end %>
</h3>
註冊 <%= link_to( "Sign Up" ,new_user_registration_path) %>
登入 <%= link_to( "Login", new_user_session_path ) %>
登出 <%= link_to("Logout",destroy_user_session_path, :method => :delete ) %>
rescue_from CanCan::AccessDenied do |exception|
flash.keep[:notice] = 'permission failed'
redirect_to main_app.root_url, :alert => exception.message
end
class ModuleRequestsController < ApplicationController
# GET /module_requests
# GET /module_requests.json
load_and_authorize_resource
# load_and_authorize_resource :only => [:index, :show]
#add the line in every controller
before_filter :authenticate_user!
#config/initializers/devise.rb
config.password_length = 8..20
#CanCan
rails g cancan:ability
#add in every controller
load_and_authorize_resource
attr_accessible :email, :password, :password_confirmation, :remember_me
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment