So I got CanCan and Devise working well. I have two types of users:
Admins and Nonadmins. Admins can edit all of Nonadmins profiles.
The problem is, every user (either Admin or Nonadmin) belongs to an
Account or Organization. Admins should only be able to edit users from
their own Account or Organization. I was able to do that too.
The problem is, I can't display the links to the edit buttons.
Everything seems fine, I don't see any errors.
Here is what I have in ABILITY.RB
-------------------------------
if user.role == "admin"
# can :manage, :all
can :manage, Account do |account|
account.try(:id) == user.account_id
end
can :manage, Appointment
can :manage, Client
can :manage, Service
can :manage, User do |u|
u.try(:account_id) == user.account_id
end
elsif user.role == "employee"
-------------------------------
this is what I have on the file that lists the users:
-------------------------------
<% if can? :update, @user %>
<span class="span_user_controls">
<%= link_to 'Edit', edit_user_path(user) %>
<%= link_to 'Destroy', user, :confirm => 'Are you sure?', :method
=> :delete %>
</span>
<% end %>
--
Posted via http://www.ruby-forum.com/.
--
You received this message because you are subscribed to the Google Groups "Ruby
on Rails: Talk" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to
[email protected].
For more options, visit this group at
http://groups.google.com/group/rubyonrails-talk?hl=en.
