Skip auth & check based on current user #941

Open
srinu0541 opened this Issue Sep 24, 2013 · 1 comment

Comments

Projects
None yet
2 participants

Hello friends,

skip_authorization_check :only => [:new], :if => current_user.profile.nil?

i need something like this to work.
If current user doesn't have any profile then we need to give him rights to create one profile then after he doesn't has the ability to another profile. Means we need to skip authorization for first time.

Please help me out friends.

redrick commented Oct 7, 2013

hi there,

you probably solved this one already, but ryan provided here nice way to do this kinda things, if i am gettin you right.. and I use that also... the gist of it is to do thing such as this:
in your ability.rb do

def initialize(user)
  user ||= User.new

  case user.role
  when 'admin'
    can :manage, :all
  else
    # put here can for the User.new or something
  end
end

this way if noone is signed in still a new "anonym" user is created and you can determine that is not registered, so you can let him do that :) hope it helped you

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment