Displaying 1 result from an estimated 1 matches for "edit_all_attribut".
Did you mean:
edit_all_attributes
2014 Mar 25
0
Looking for some glue between Strong Parameters and CanCan
...ilar authorization gem)?
def user_params
if current_user.admin?
params.require(:user).permit!
else
params.require(:user).permit(:password, :password_confirmation)
end
end
Now I want to do this the "Cancan way". My first idea looks strange to me:
def user_params
if can? :edit_all_attributes, User
params.require(:user).permit!
elsif can? :edit_password, User
params.require(:user).permit(:password, :password_confirmation)
end
end
How would you realize the attribute level in Cancan? :edit_all_attributes
and :edit_password scales very badly if more user roles and optional...