I've got this code in Rails 3.2.11 project with CanCan 1.6.8:
can :manage, User
cannot :manage, User, :rank => "root"
and when I run WEBrick, log in as super_admin and go to user/index action cancan runs this SQL (from development.log):
SELECT users.* FROM users WHERE users.rank = 'root';
resulting in selecting only the 'root' user from the DB where I want the opposite effect.
CanCan should run something like this:
SELECT users.* FROM users WHERE users.rank != 'root';
i noticed that when i put this code in Ability instead of code mentioned earlier it all works fine:
can :manage, User, :rank => 'user'
can :manage, User, :rank => 'admin'
can :manage, User, :rank => 'super_admin'
am I missing something or is it a bug?
@vectriss did you resolve the issue? if not i'd be happy to help.
Thanks for your submission! The ryanb/cancan repository has been inactive since Sep 06, 2013.
Since only Ryan himself has commit permissions, the CanCan project is on a standstill.
CanCan has many open issues, including missing support for Rails 4. To keep CanCan alive, an active fork exists at cancancommunity/cancancan. The new gem is cancancan. More info is available at #994.
If your pull request or issue is still applicable, it would be really appreciated if you resubmit it to CanCanCan.
We hope to see you on the other side!