I'm using CanCan in a project to manage different role level on each entity for each project. I'm doing this:
# encoding: utf-8
class Ability
include CanCan::Ability
def initialize(user)
user ||= User.new
if user.is_admin == true
can :manage, :all
else
can :read, :all
Project.all.each do |project|
current_role_name = user.roles.find_by_project_id(project.id).role_name.name
if current_role_name.eql?'Auteur senior'
can :manage, [Project, Introduction, Abstract, Text, Conclusion, Asset, Attachment], :project_id => project.id
elsif current_role_name.eql?'Auteur junior'
can :manage, [Introduction, Abstract, Attachment], :project_id => project.id
can :update, Text, :project_id => project.id, :user_level => current_role_name
can :manage, [Asset], :project_id => project.id, :user_level => current_role_name
elsif current_role_name.eql?'Équipe phylogéniste'
can :manage, [Attachment], :project_id => project.id
can :manage, [Text, Asset], :project_id => project.id, :user_level => current_role_name
end
end
end
end
end
It works when I check the user role_name but after when I want to use condition like this:
can :update, Text, :project_id => project.id, :user_level => current_role_name
The condition doesn't have any effect. How can I make it work?
I finally found the solution :
In concerned controller I replaced authorize_resource by load_and_authorize_resource and that's it.