This repository has been archived by the owner on May 13, 2020. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 7
Home
Gourav Tiwari edited this page Apr 9, 2015
·
2 revisions
Well, it depends on what authorization mechanism you are using.
# config/routes.rb
audit_rails_constraint = lambda do |request|
request.env['warden'].authenticate? && request.env['warden'].user.admin?
end
# Later, update mounting of the audit_rails engine to use constraint:
constraints audit_rails_constraint do
mount AuditRails::Engine, at: "audit_rails"
end
# config/initializers/audit_rails.rb
class CanAccessAuditRails
def matches?(request)
user = request.env['warden'].user
return false if user.blank?
Ability.new(user).can? :manage, AuditRails
end
end
# config/routes.rb
constraints CanAccessAuditRails.new do
mount AuditRails::Engine, at: "audit_rails"
end
Courtesy: Pro-tip
If this doesn't work, please create an issue, with errors/stacktrace.