I need help to configure CanCanCan using ActiveAdmin. I have everything else working including devise. I can restrict menus using devise but if you know the URL lets say for edit you can still edit that resource. I want to restrict a normal user from editing/creating any resources but it does not seem to work.
Active_Admin.rb
config.cancan_ability_class = ActiveAdmin::CanCanAdapter
Ability.rb (simple out of the box)
class Ability
include CanCan::Ability
def initialize(user)
# Define abilities for the passed in user here. For example:
#
# user ||= User.new # guest user (not logged in)
if user.admin?
can :manage, Student
else
can :read, Student
end
end
end
User model.
admin:boolean
and if I login with a user who is not an admin i can still create/edit/delete, I just want to restrict them to read only.
Please help i am struggling with this only feature that I need to complete.
Thanks in advance
