----------------------------------------------------------- ability.rb ----------------------------------------------------------- can :update, User, :auth_token => current_user.auth_token -----------------------------------------------------------
---------------------------------------------------------- users_controller.rb ---------------------------------------------------------- @user = User.find(params[:id]) authorize! :update, @user ---------------------------------------------------------- If go to the URL directy, it does work well. Authorizes where it's supposed to, and it doesn't authorize where it's supposed to. The problem is, in users/index.html.erb I'm listing the users and it doesn't display the Edit link at all. ------------------------------ index.html.erb ------------------------------ @users = User.all [...] <% if can? :update, @user %> <%= link_to 'Edit', edit_user_path(user) %> <% end %> ----------------------------- I'm thinking I'm probably having this problem because I'm working with nested resources. ------------------ routes.rb ------------------ resources :companies do resources :users end ------------------ But I have also tried working with :through and it still doesn't display the Edit link. Can somebody please tell me why? -- Posted via http://www.ruby-forum.com/. -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en.
