Cancan on a single page application

Question

Cancan on a single page application

What is the correct way to test the ability of a single application (backbone.js)?

eg. if it was not a one-page application, I could write on a template

<% if can :read? @resource %> <%= link_to @resource %> <% end %>

But my problem is that I have not loaded @resource when I create the client template.

+4

ruby-on-rails ruby-on-rails-3 backbone.js cancan

evfwcqcg May 29 '13 at 6:33

source share

1 answer

Jared beck · Accepted Answer · 2013-06-02T18:22:44+0000

As a rule, access control will be performed both on the client and on the server. On the server you can use authorize! in their controllers according to normal. On the client, cancan is unavailable.

Possible solutions:

Rendering view fragments on a server, where can? available. I do not think this approach is very important with the spine.
Open API for "cancan requests"
Duplicate your ability object on the client

I lean over the lines, exposing the API, but if the network becomes a performance issue, I think you will have to duplicate your object object on the client side.

This seems like a good example of how client-side applications work more!

Cancan on a single page application

More articles: