I'm working on a Rails app and have Devise set up and working with all the default settings, and am setting up CanCan.
The following is the content of the 'Ability' class, (not really my code, based on several tutorials);
class Ability
include CanCan::Ability
def initialize(user)
user ||= User.new # guest user (not logged in)
if user_signed_in?
can :manage, :all
end
end
end
I know the file itself works, as I've added a sample authorize! :edit, @document to one of my controllers. If I remove the if user_signed_in? line (and, of course, the end), then when the can :manage, :all line is present, I can access the document controller's actions, and without it, it says 'Access Denied'.
However when I attempt to do this with the user_signed_in? line present, I get the following error;
NoMethodError in DocumentsController#edit
undefined method `user_signed_in?' for #
And, interestingly, user_signed_in? works perfectly in my views, where I display a login box or the details of the currently logged in user with an if ... else block.
Any ideas how I can access user_signed_in? here? In the longer term, I intend to read a value from the user's record to identify their access level, but it's important that the concept works, as the variables will be coming from the same place!
Thanks!
