CanCan authorization issue
I am using CanCan for my app.
My ability.rb class is:
    class Ability
      include CanCan::Ability

      def initialize(user)
        user ||= User.new # guest user
        if user.role? :admin
          can :manage, :all
        elsif user.role? :operations
          can :manage, :all
        elsif user.role? :customer_support
          can :read, :all
        else
          user.role? :marketing
          can :read, :all
        end
      end
    end
and I added a method in user.rb:
    def role?(role)
      self.roles.include? role.to_s
    end
I also added load_and_authorize_resource in my controller, say products_controller, which can authorise the user and allow him to do certain actions in this controller, but my problem is that when a user logs in with admin as his role, he is not able to add a new product; it gives CanCan's access denied error.
My view is:
    <% if can? :create, Product %>
      <td class="action"><%= link_to 'Show', product %></td>
      <td class="action"><%= link_to 'Edit', edit_product_path(product) %></td>
      <td class="action"><%= link_to 'Destroy', product, :confirm => 'Are you sure?', :method => :delete %></td>
    <% end %>
It is also not showing these links to the admin. The admin has all access, but he still can't access this action?
What else am I missing?
Please help.
Have you followed instructions in the cancan wiki? https://github.com/ryanb/cancan/wiki/Role-Based-Authorization.
CanCan's default strategy for storing roles for each user is a bitmask, but the wiki mentions a different solution here: https://github.com/ryanb/cancan/wiki/Separate-Role-Model.
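The two role-storage strategies the answer links to, side by side, as an added example (not code from the question, the answer or the CanCan wiki). It assumes the question's `roles` returns role records rather than strings; `BitmaskUser`, `RoleModelUser` and `Role` are hypothetical stand-ins written in plain Ruby so the check can be run without Rails.

```ruby
# Plain Ruby, no Rails or CanCan needed. Role names are taken from the question.
# Assumption: in the question's app, `roles` returns Role records, not Strings.
ROLES = %w[admin operations customer_support marketing].freeze

# Strategy 1: roles packed into one integer column (roles_mask).
class BitmaskUser
  attr_accessor :roles_mask
  def roles=(names)
    self.roles_mask = (names.map(&:to_s) & ROLES).sum { |r| 2**ROLES.index(r) }
  end

  def roles
    ROLES.reject { |r| (roles_mask.to_i & 2**ROLES.index(r)).zero? }
  end

  # Here roles is an Array of Strings, so comparing against role.to_s works.
  def role?(role)
    roles.include?(role.to_s)
  end
end

# Strategy 2: roles are separate records (stand-in for an association).
Role = Struct.new(:name)

class RoleModelUser
  attr_reader :roles
  def initialize(*names)
    @roles = names.map { |n| Role.new(n.to_s) }
  end

  # Same check as the question's role?: a String never equals a Role record,
  # so this is always false and no ability branch for that role is reached.
  def role_by_include?(role)
    roles.include?(role.to_s)
  end

  # Compare the record's name instead of the record itself.
  def role?(role)
    roles.any? { |r| r.name == role.to_s }
  end
end

# Constructed sample users to show each check's result.
def demo
  bitmask = BitmaskUser.new
  bitmask.roles = [:admin, :marketing]
  by_model = RoleModelUser.new(:admin)
  { mask: bitmask.roles_mask, bitmask_admin: bitmask.role?(:admin),
    model_include: by_model.role_by_include?(:admin), model_by_name: by_model.role?(:admin) }
end
```

Note that the question's `Ability` ends in a bare `else`, so any user whose `role?` checks all return false, guests included, still receives `can :read, :all` but never `:create`.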