Using Authority with rolify
Clone this wiki locally
Authority's authorizer methods let you check anything you like in order to decide what a user can do.
def deletable_by?(user) resource.looks_spammy? && user.points > 200 || is_spam_cleanup_day?(Date.today) end
However, one of the most common use cases is checking user roles. The rolify gem is a nice fit for this, making it easy to create and assign roles and query based on them.
So our example above might be amended as:
def deletable_by?(user) user.has_role?(:admin) || resource.looks_spammy? && user.points > 200 || is_spam_cleanup_day?(Date.today) end
See the great documentation and wiki for rolify for setup and usage details.