我有以下型号:
Group (id)
Poll (id, group_id)
PollVote (id, poll_id)
我不想做深度嵌套,这意味着我不想/ group /:id / poll /:id / poll_vote /:id
我想设置它以便我的路线:
/group/:id
/poll/:id
/poll/:id/poll_vote/:poll_vote_id
我有投票工作,但我无法弄清楚如何让PollVote工作......到目前为止我有:
class PollVotesController < ApplicationController
# Authorization w Devise & CanCan
before_filter :authenticate_user! # Devise, signed in users only
load_and_authorize_resource :poll # CanCan
load_and_authorize_resource :poll_vote, :through => :poll
# We need to pass along the wall
def current_ability
@current_ability ||= Ability.new(current_user, @poll.group_id)
end
然后在ability.rb
can [:manage], Poll do |poll|
This returns TRUE is the user is a group member of the poll
end
我在PollVotes中使用什么,让PollVotes使用民意调查检查CanCan?
由于
答案 0 :(得分:1)
您尚未显示您的用户&lt; - &gt;组关联,如果User has_and_belongs_to_many :groups那么:
can :manage, [ Poll ] { |poll| user.groups.include?(poll.group) }
当然,您可能希望将其锁定为仅与用户关联的投票。
编辑 - 以下是限制访问创建和编辑投票的例子:
can :read, PollVote # not needed if you have e.g. can :read, :all
can :create, [ PollVote ] { |poll_vote| user.groups.include?(poll_vote.poll.group) }
can [ :edit, :destroy ], [ PollVote ] { |poll_vote| poll_vote.user_id == user.id }