So I got CanCan and Devise working well. I have two types of users:
Admins and Nonadmins. Admins can edit all of Nonadmins profiles.
The problem is, every user (either Admin or Nonadmin) belongs to an
Account or Organization. Admins should only be able to edit users from
their own Account or Organization. I was able to do that too.
The problem is, I can''t display the links to the edit buttons.
Everything seems fine, I don''t see any errors.
Here is what I have in ABILITY.RB
-------------------------------
if user.role == "admin"
# can :manage, :all
can :manage, Account do |account|
account.try(:id) == user.account_id
end
can :manage, Appointment
can :manage, Client
can :manage, Service
can :manage, User do |u|
u.try(:account_id) == user.account_id
end
elsif user.role == "employee"
-------------------------------
this is what I have on the file that lists the users:
-------------------------------
<% if can? :update, @user %>
<span class="span_user_controls">
<%= link_to ''Edit'', edit_user_path(user) %>
<%= link_to ''Destroy'', user, :confirm =>
''Are you sure?'', :method
=> :delete %>
</span>
<% end %>
--
Posted via http://www.ruby-forum.com/.
--
You received this message because you are subscribed to the Google Groups
"Ruby on Rails: Talk" group.
To post to this group, send email to
rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org
To unsubscribe from this group, send email to
rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org
For more options, visit this group at
http://groups.google.com/group/rubyonrails-talk?hl=en.
Nevermind, I found the problem. I was supposed to remove the @ because
it''s iterating from a loop:
<% @users.each do |user| %>
<%
if user.first_name.nil? or user.last_name.nil?
user_link = link_to ''User Details'', user,
:class=>''first_and_last_name''
else
user_link = link_to user.first_name + '' '' +
user.last_name, user,
:class=>''first_and_last_name''
end
%>
<% user_name = user.first_name.to_s + '' '' +
user.last_name.to_s %>
<div class="div_user">
<span class="span_name"><%= link_to user_name,
edit_user_path(user)
%></span>
<span class="span_title"><%= user.title
%></span>
<span class="span_email"><%= user.email
%></span>
<% if user.role == ''admin'' %>
<span class="span_role"><%= user.role
%></span>
<% end %>
<% if can? :update, user %>
<span class="span_user_controls">
<%= link_to ''Edit'', edit_user_path(user) %>
<%= link_to ''Destroy'', user, :confirm =>
''Are you sure?'', :method
=> :delete %>
</span>
<% end %>
</div>
<% end %>
</div>
--
Posted via http://www.ruby-forum.com/.
--
You received this message because you are subscribed to the Google Groups
"Ruby on Rails: Talk" group.
To post to this group, send email to
rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org
To unsubscribe from this group, send email to
rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org
For more options, visit this group at
http://groups.google.com/group/rubyonrails-talk?hl=en.