Deny field of model when user manages model #627

Closed
gigdates opened this Issue May 24, 2012 · 2 comments

Comments

Projects
None yet
4 participants

I have the following code.

can :manage, Event, :fan_id => fan.id
cannot :manage, :events, :avatar

I then have in my viewer

if can? :manage, @event, :avatar

When a user that owns the event views the page the if statement tuns up as TRUE and allows the block on a form to be viewed. Why isn't cannot overriding the can?

Update: Formatted the code.

well I think you have to write this:
can :manage, Event, :fan_id => fan.id
cannot :manage, Event, :avatar

but if you give some more code like what is in the table Event I think I can help you more :)

Collaborator

andhapp commented May 27, 2012

@gigdates: First of all, what are you trying to do. Your code seems incorrect to me. Please read defining abilities section again and see if that helps you.

@mikepack mikepack closed this Sep 29, 2012

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment