I've given up on trying to lock down every action in the application. Currently I'm placing in every controller except the devise/registration:
load_and_authorize_resource
in the user model:
def role?(role)
roles.include? role.to_s
end
in the ability model:
if user.role? :superadmin
can :manage, :all
end
However, I am getting the following error:
undefined local variable or method `roles'
app/models/user.rb:33:in `role?'
app/models/ability.rb:7:in `initialize'
Thanks for your help.
UPDATE: Because of Bohdan's answer below i looked further into the documentation and found there are differing methods of setting up the cancan model(s). currently we have 6 different roles resulting in 6 different Boolean fields in the database. I was thinking of a hierarchical approach to defining roles where one user could have many roles and one role has many users. There are two ways to set up the role definitions. First. Second. For ease of use i think i'll define each role exhaustively so there is only one role for each person. Wondering what the disadvantages of that are.
UPDATE: I commented out all the other roles other than superadmin as defined above. Realized that it doesn't have anything to do with many to many issue. So...?
You should have has_and_belongs_to_many :roles in your model or any other custom definition for method roles
Edit
after you added has_and_belongs_to_many :roles to your User model to make everything work you need
define new model called Role with at least name attribute
change
def role?(role)
roles.include? role.to_s
end
to
def role?(role)
roles.map(&:name).include? role.to_s
end
Edit
migration
class CreateRolesUsers < ActiveRecord::Migration
def self.up
create_table :roles_users do |t|
t.integer :user_id
t.integer :role_id
end
end
def self.down
drop_table :roles_users
end
end
just add this migration and run rake db:migrate rails will do the rest