开发者

Accessing Devise helper methods from CanCan, etc

This seems like an easy question that I just can't wrap开发者_开发技巧 my head around.

Using Devise for authentication and CanCan for authorization on a new Rails 3 app.

How can I access methods defined in ApplicationController within the Ability class that CanCan provides?

a.k.a., something like this:

class Ability

  include CanCan::Ability

  def initialize(user)

    user ||= User.new # Guest user.

    can :create, Post if user_signed_in?

  end
end

where user_signed_in? is defined in ApplicationController.


This might not be the answer you wanted, but it seems like you are wanting to mix code concerns that shouldn't be mixed.

Is it a good idea to access user_signed_in? inside your authorisation rules? ... Since authorisation is only concerned with what someone can do, and should not be concerned with if that someone is authenticated (or not).

A before filter (before_filter :authenticate_user!) on your Posts controller to check that your user is authenticated should be enough to do achieve your objective; Your authorisation rules can be run alongside the authentication check, rather than mixed up with it's code.

It's a layered approach :-)

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜