I am trying to give some custom roles within spree specific permissions. Cant find this answer anywhere
role_ability.rb
class RoleAbility
include CanCan::Ability
def initialize(user)
user || User.new # for guest
if user.has_role? "admin"
can :manage, :all
elsif user.has_role? "retailer"
can :manage, Product
else
can :read, :all
end
end
end
I thought this might be a popular idea, of letting a user with role 'manager' manage only products and other certain Models...
if I change
elsif user.has_role? "retailer"
can :manage, Product
to
elsif user.has_role? "retailer"
can :manage, :all
It works as expected... I can access all of the admin area
I only want the "Retailer" to be able to :manage Products tho!! ;)
"admin" is only a role associated with a user, ie all roles are Users.
You can probably see where this is going, Retailers can sign up and sell items of their own.. well thats the goal.
Any pointers??
There is a native way in spree_auth_devise to do this. It was not documented, but now is.
https://github.com/spree/spree_auth_devise Section: "Using in an existing Rails application"