Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP

Loading…

documentation confusion about Class/Block #392

Closed
mcr opened this Issue · 4 comments

3 participants

Michael Richardson Ryan Bates Lee Atchison
Michael Richardson
mcr commented

in cancan/ability.rb, it says:

# IMPORTANT: Neither a hash of conditions or a block will be used when checking permission on a class.
#
#   can :update, Project, :priority => 3
#   can? :update, Project # => true

I think that this is saying that despite the :priority => 3, the test with the class Project will always return true.
I'm asking in great part, because earlier in the file, it says:

# You can pass a hash of conditions as the third argument. Here the user can only see active projects which he owns.
#
#   can :read, Project, :active => true, :user_id => user.id

which seems to do exactly this. Or is that the statement applies because can? was passed a class and not an object?
that's it's okay to pass in class to the can, (or :project, I think?)

Ryan Bates
Owner

Or is that the statement applies because can? was passed a class and not an object?

That's the key there, when a class is passed it does not have an object to check attributes on so the conditions hash cannot apply. Does that make sense?

Michael Richardson
mcr commented

okay, so perhaps I can suggest some clearer text where it says IMPORTANT.

How about:

# IMPORTANT, Given that one has declared:
#   can :update, Project, :priority => 3
# if one then tests an ability like:
#   can? :update, Project
# you will always get true. The condition `:priority=>3` will never be checked because there is no object to test it against.
Michael Richardson mcr closed this
Ryan Bates
Owner

Thanks for the suggestion. I'll mark this for improved documentation.

Ryan Bates ryanb reopened this
Lee Atchison

Reclosing this...it was accidently reopened with Ryan's "thanks" reply.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Something went wrong with that request. Please try again.