Class: AdminAbility

Inherits:
Object
  • Object
show all
Includes:
CanCan::Ability
Defined in:
app/models/admin_ability.rb

Overview

This is how cancan controls authorization. For more details look at github.com/ryanb/cancan

Instance Method Summary (collapse)

Constructor Details

- (AdminAbility) initialize(user)

This method sets up the user's abilities to view admin pages

look at https://github.com/ryanb/cancan for more info


8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
# File 'app/models/admin_ability.rb', line 8

def initialize(user)
  user ||= User.new # guest user will not be allowed in the admin section

  if user.super_admin?
    can :manage, :all
  elsif user.admin?
    #can :manage, :all
    can :read, :all
    can :view_users, User do
      user.admin?
    end
    #authorize! :view_users, @user
    can :create_users, User do
      user.super_admin?
    end
    #authorize! :create_users, @user
    can :create_orders, User
  else

  end
end