1

役割にcancanを使用するactiveadminアプリがあります。管理者はすべての注文を表示できる必要があり、ブローカーはそれらに属する注文のみを表示する必要があります。現在、ブローカーは正常に動作していますが、管理者はアプリ内のすべての注文ではなく、そのユーザーに属する注文のみを表示しています。

能力モデル

class Ability
  include CanCan::Ability

  def initialize(user)

        return if user.nil? #non logged in user can use this.

        if user.broker?
            can [:index, :create, :read, :update, :new, :edit], [Order, Customer], :admin_user_id => user.id.to_s
            can :read, [OrderCategory, OrderType, OrderStatus, OrderPriority]
            cannot :index, [OrderCategory, OrderType, OrderStatus, OrderPriority]
            cannot :destroy, :all
        end

        if user.art?
            cannot :create, :all
            can :read, :all
            can :update, Order
            cannot :destroy, :all
        end


        if user.shipping?
            can :read, :all
            can :update, Order
            cannot :destroy, :all
        end

        if user.production?
            can [:create, :update], [Order, Customer]
            can :read, :all
        end

        if user.sales?
            can [:create, :read, :update], [Order, Customer]
            cannot :destroy, :all
        end

        if user.admin?
            can :manage, :all
        end
    end
end

リソースの注文

ActiveAdmin.register Order, :sort_order => "end_date_asc" do
    controller.authorize_resource :except => :index

    menu :label => "All Orders", :parent => "Sales", :priority => 2

    filter :name, label: "Order Name"
    filter :admin_user, :collection => proc { AdminUser.all.map{|u| [u.last_name, u.id] } }
    filter :order_category, label: "Category"
    filter :order_type, label: "Type"
    filter :order_status, label: "Status"
    filter :order_priority, label: "Priority"
    filter :customer, label: "Customer"
    filter :start_date, label: "Start Date"
    filter :end_date, label: "Due Date"
    filter :id, label: "Order ID#"

  controller do

     def begin_of_association_chain
      current_user 
    end
    end

    index do 
        selectable_column
        column "ID", :sortable => :id do |order|
            link_to order.id, admin_order_path(order)
        end
        column "Proof" do |order|
            image_tag order.proof_url(:proof).to_s
        end
        column "Name", :sortable => :name do |order|
      link_to order.name, admin_order_path(order)
    end
    column(:customer, :sortable => :customer_id)
    column("Category", :order_category, :sortable => :order_category_id) 
        column("Status", :order_status, :sortable => :order_status_id)
        column("Priority", :order_priority, :sortable => :order_priority_id)
    column("Due Date", :end_date, :sortable => :end_date)
    default_actions
  end


  form :partial => "form"

  show :title => :name do

    panel "Order Details" do
      attributes_table_for resource do
        row :id
        row :admin_user
        row :name
        row :order_category
        row :order_type
        row :order_status
        row :order_priority
        row :start_date
        row :end_date
      end
    end
      resource.line_items.each do |a|
        text_node(render :partial => "admin/line_items/show", :locals => { :line_item => a })
    end
    panel "Art Details" do
        attributes_table_for resource do
            row :print_location
            row :color_front
            row :color_back
            row :color_sleeve
            row(:artwork) do
                image_tag order.artwork_url(:thumb).to_s
            end
            row(:proof) do
                image_tag order.proof_url(:thumb).to_s
            end
          end
      end  
    end
end
4

1 に答える 1

0

CanCanそれはあなたの現在の問題とは何の関係もないと思います。このコード:

def begin_of_association_chain
  current_user 
end

InheritedResourceモデル オブジェクトのリストを取得するために使用されるスコープを変更します。current_user常にクエリに適用される最初のスコープになりたいことをコントローラーに伝えています。

于 2013-06-06T17:26:19.330 に答える