我想让管理员可以通过编辑数据库中的角色列将其他用户设置为admin / manager。我尝试使用cancancan gem来做到这一点,但没有任何事情发生。
我该怎么做?
ability.rb
def initialize(user)
user ||= User.new
if user.admin?
can [:create, :update, :destroy], [Organization, Club, User]
elsif user.manager?
can [:create, :update, :destroy], [User, Event, News, User_club, User_event]
can :update, Club
can :read, :all
cannot :update, user.role
else
can :read, :all
can :create, User
can :update, User, user_id: user.id
cannot :update, user.role
end
end
edit.html.erb
<% if can? :update, @user.role %>
<%= f.label :role %>
<%= f.number_field :role, class: "form-control" %>
<% end %>
答案 0 :(得分:0)
您尝试this
class Ability
include CanCan::Ability
def initialize(user)
can :read, :all # allow everyone to read everything
if user && user.admin?
can :access, :rails_admin # only allow admin users to access Rails Admin
can :dashboard # allow access to dashboard
if user.role? :superadmin
can :manage, :all # allow superadmins to do anything
elsif user.role? :manager
can :manage, [User, Product] # allow managers to do anything to products and users
elsif user.role? :sales
can :update, Product, :hidden => false # allow sales to only update visible products
end
end
end
end