开发者

Accessing Devise helper methods from CanCan, etc

问答 作者:

This seems like an easy question that I just can't wrap开发者_开发技巧 my head around.

Using Devise for authentication and CanCan for authorization on a new Rails 3 app.

How can I access methods defined in ApplicationController within the Ability class that CanCan provides?

a.k.a., something like this:

class Ability

  include CanCan::Ability

  def initialize(user)

    user ||= User.new # Guest user.

    can :create, Post if user_signed_in?

  end
end

where user_signed_in? is defined in ApplicationController.

This might not be the answer you wanted, but it seems like you are wanting to mix code concerns that shouldn't be mixed.

Is it a good idea to access user_signed_in? inside your authorisation rules? ... Since authorisation is only concerned with what someone can do, and should not be concerned with if that someone is authenticated (or not).

A before filter (before_filter :authenticate_user!) on your Posts controller to check that your user is authenticated should be enough to do achieve your objective; Your authorisation rules can be run alongside the authentication check, rather than mixed up with it's code.

It's a layered approach :-)

继续阅读:cancandeviseruby-on-rails

更多精彩内容

0

上一篇:

下一篇:

精彩评论

暂无评论...
登录 注册
Qedev.com
验证码 换一张
取 消

最新问答

问答排行榜

法律声明:本站内容均为网友上传,网站举办方负责审核和监督,

如存在版权或非法内容,欢迎举报,我们将尽快予以删除。

Copyright © 2018-2020 开发者. All rights reserved.

Powered by 开发者

ICP备案号: 京ICP备10032868号-9