Accessing Devise helper methods from CanCan, etc
This seems like an easy question that I just can't wrap开发者_开发技巧 my head around.
Using Devise for authentication and CanCan for authorization on a new Rails 3 app.
How can I access methods defined in ApplicationController
within the Ability
class that CanCan provides?
a.k.a., something like this:
class Ability
include CanCan::Ability
def initialize(user)
user ||= User.new # Guest user.
can :create, Post if user_signed_in?
end
end
where user_signed_in?
is defined in ApplicationController
.
This might not be the answer you wanted, but it seems like you are wanting to mix code concerns that shouldn't be mixed.
Is it a good idea to access user_signed_in?
inside your authorisation rules? ... Since authorisation is only concerned with what someone can do, and should not be concerned with if that someone is authenticated (or not).
A before filter (before_filter :authenticate_user!
) on your Posts controller to check that your user is authenticated should be enough to do achieve your objective; Your authorisation rules can be run alongside the authentication check, rather than mixed up with it's code.
It's a layered approach :-)
精彩评论