CanCan is an authorization library for Ruby on Rails that defines the authorization of specific resources for multiple users.
If you want to ensure that authorization is not forgotten in any controller action, you can add check_authorization to the ApplicationController:

    class ApplicationController < ActionController::Base
      check_authorization
    end

This ensures that authorization takes place in every inherited controller action. If an action does not perform it, an exception is raised.
The check can be skipped, for example on the new action, using skip_authorization_check. The skip can be limited using :only, which skips the check only for the actions stated, and :except, which skips it for all actions except the ones stated.
The following code skips the authorization check for the new action:

    class ApplicationController < ActionController::Base
      skip_authorization_check :only => [:new]
    end

CanCan 1.6 allows you to check authorization conditionally by passing the name of a method. This is done using the :if option.
Here is an example that enforces the check only when the admin? method returns true, which here means the request is on the admin subdomain:

    class ApplicationController < ActionController::Base
      check_authorization :if => :admin?

      private

      def admin?
        request.subdomain == "admin"
      end
    end

Note that check_authorization only ensures that the authorization is performed; it does not decide what a user is allowed to do.
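
A plain-Ruby model of the behaviour described above, added here as an illustration and not CanCan's or this page's own code; it shows which forgotten authorize! calls the safety net catches when :only => [:new] and :if => :admin? are both in effect. ModelController, AuthorizationNotPerformed, ProjectsController and outcome are hypothetical names, and the skip is placed in a subclass for the demonstration.

```ruby
# Plain-Ruby model of the safety net, constructed for illustration (not CanCan's source).
class AuthorizationNotPerformed < StandardError; end # stand-in exception class

class ModelController # hypothetical base class; no Rails needed
  class << self
    # Settings are inherited: look up the class chain until one is set.
    def check_opts; @check_opts || (superclass.check_opts unless self == ModelController); end
    def skip_opts;  @skip_opts  || (superclass.skip_opts  unless self == ModelController); end
    def check_authorization(opts = {}); @check_opts = opts; end
    def skip_authorization_check(opts = {}); @skip_opts = opts; end
  end

  def initialize(subdomain); @subdomain = subdomain; @authorized = false; end
  def authorize!; @authorized = true; end

  # The check runs after the action body, so the action has already executed.
  def process(action)
    result = public_send(action)
    return result if @authorized || !enforced?(action)
    raise AuthorizationNotPerformed, "#{self.class}##{action}"
  end

  private

  def enforced?(action)
    check, skip = self.class.check_opts, self.class.skip_opts
    return false if check.nil? || (check[:if] && !send(check[:if]))
    return true if skip.nil?
    return !skip[:only].include?(action) if skip[:only]
    skip[:except] ? skip[:except].include?(action) : false # bare skip exempts all
  end
end

class ApplicationController < ModelController
  check_authorization :if => :admin?
  private def admin?; @subdomain == "admin"; end
end

class ProjectsController < ApplicationController # hypothetical controller
  skip_authorization_check :only => [:new]
  def new;  :new_form; end              # no authorize!, but exempted by :only
  def show; :project; end               # no authorize!: the forgotten case
  def edit; authorize!; :edit_form; end
end

def outcome(subdomain, action)
  ProjectsController.new(subdomain).process(action)
  :passed
rescue AuthorizationNotPerformed
  :raised
end
```

In this model outcome("admin", :show) returns :raised, while outcome("www", :show) returns :passed even though show never authorizes, because the :if condition switches the check off outside the admin subdomain.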