Pearl CanCan | cannot :index, User

A very simple user model. I want the administrator to manage all; everyone else cannot :index, User, and some other parameters, but when I try to block non-admin users from viewing the user index, the admin user also does not have access.

This is my ability.rb:

    class Ability
      include CanCan::Ability

      def initialize(user)
        user ||= User.new # guest user
        can :manage, :all
        if user.role == "admin"
        # if user.admin?
          can :manage, :all
          can :assign_role, User
        else
          can :read, :all
          can :create, User
          cannot :assign_role, User
          cannot :index, User
          can [:show, :edit, :update], User do |current_user|
            user.id == current_user.id || user.role == "admin"
          end
        end
      end
    end

What can I do to block all users from user index?

Hi

Dan

+4
1 answer

Something is wrong with if-else in the code.

    if user.role == "admin"
      can :manage, :all
      can :assign_role, User
    else
      can :read, :all
      can :create, User
      cannot :assign_role, User
      cannot :index, User
      can [:show, :edit, :update], User do |current_user|
        user.id == current_user.id || user.role == "admin"
      end
    end

In addition, you do not need to explicitly deny a non-admin user the ability to assign a role (cannot :assign_role, User).

+3
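The rule order in the answer's ability, as an added example that is not part of the original answer and does not use the CanCan gem: a simplified model of rule resolution (assumptions: the last matching rule wins, no match means denied, :read covers :index and :show). MiniAbility and the User and Post structs are constructed for illustration.

```ruby
# Simplified model of CanCan rule evaluation (assumption: not the gem itself).
# Rules are checked last-defined first; the first rule whose action, subject
# and block all match decides the answer. No matching rule means "denied".
User = Struct.new(:id, :role)   # constructed stand-in for the model
Post = Struct.new(:id)          # constructed second model, for contrast

class MiniAbility
  ALIASES = { read: [:index, :show] }.freeze # CanCan's default :read alias

  def initialize(user)
    @rules = []
    if user.role == "admin"
      can :manage, :all
      can :assign_role, User
    else
      can :read, :all
      can :create, User
      cannot :index, User
      can([:show, :edit, :update], User) { |u| user.id == u.id || user.role == "admin" }
    end
  end

  def can(actions, subject, &block)
    add(true, actions, subject, block)
  end

  def cannot(actions, subject, &block)
    add(false, actions, subject, block)
  end

  def can?(action, subject)
    klass = subject.is_a?(Class) ? subject : subject.class
    rule = @rules.reverse.find do |r|
      (r[:actions].include?(:manage) || r[:actions].include?(action)) &&
        (r[:subject] == :all || r[:subject] == klass) &&
        (r[:block].nil? || subject.is_a?(Class) || r[:block].call(subject))
    end
    rule ? rule[:allow] : false
  end

  private

  def add(allow, actions, subject, block)
    expanded = Array(actions).flat_map { |a| ALIASES.fetch(a, [a]) }
    @rules << { allow: allow, actions: expanded, subject: subject, block: block }
  end
end
```

In this model a non-admin still passes can?(:show, other_user): when the block rule does not match, the earlier can :read, :all grants :show, so the block only restricts :edit and :update.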

Source: https://habr.com/ru/post/1302923/