Ruby on Rails - getting started with cancan in ruby on rails- ruby on rails tutorial - rails guides - rails tutorial - ruby rails
what is cancan in ruby on rails?
CanCan is a a popular authorization library for Ruby on Rails which restricts user access to specific resources. The latest gem (CanCanCan) is a continuation of the dead project CanCan.
Permissions are defined in the Ability class and can be used from controllers, views, helpers, or any other place in the code.
Adding authorization support to an app, add the CanCanCan gem to the Gemfile:
Example
Then check authorization using load_and_authorize_resource to load authorized models into the controller:
authorize! to check authorization or raise an exception
- can? to check if an object is authorized against a particular action anywhere in the controllers, views, or helpers
Note: This assumes the signed user is provided by the current_user method