This is my first post here so i want say Hello :)
I'm new to rails. In my app i use device + cancan + rolify. User with role :admin can manage all and this work very well, can create Order and vote up or down. Next i want that, user with role :loc_adm can create order and could vote only in own orders. But here is my problem. When i try in my ability:
def initialize(user)
user ||= User.new
if user.role? :admin
can :manage, :all
else
if user.role? :lok_adm
can :manage, Order, :user_id => user.id
can :manage, Vote, :user_id => user.id
end
can :read, :all
end
User with role :lok_adm can voted not only in own order. Below i send my models.
class Order
belongs_to :user
has_many :votes
class Vote
belongs_to :user
belongs_to :order
class User
has_many :orders
has_many :votes
You've not set what they can't manage. Add
cannot :manage, :all
Above what they lok_adm can manage
You can also do
if condition
elsif another_condition
end
Rather than
if
else
if
end
end