在我的数据模型中:
Company has_many offices
Employee has_many offices, through: :employee_office(这就是我允许公司管理员为某些办公室而非其他办公室授权员工的方式)
Office has_many appointments和
Appointment belongs_to office
我想使用CanCanCan定义一项功能,只有当Employee在Appointment上工作时,才允许Employee对Office执行操作Appointment来自。
像这样的psuedocode:
Employee can :manage Appointment, Employee.offices.include?(Appointment.office)
这是我到目前为止所做的:
class EmployeeAbility
include CanCan::Ability
def initialize(employee)
can :read, Company, :id => employee.company.id
can :read, Office, :id => employee.company.id
#I'd like to include the above psuedocode here, but I'm not sure how to structure it
end
end
谢谢!
答案 0 :(得分:1)
can :edit, Appointment, office_id: employee.office_ids