I have used 4 important gems
gem 'activeadmin'
gem 'devise'
gem 'cancancan', '~> 2.0'
gem 'friendly_id', '~> 5.2.4'
I have 2 main Controller "User" and "Post" and registered in active_admin(rails generate active_admin:resource User and rails generate active_admin:resource Post).I have used cancancan for the authorization.
I have defined the ability in
ability.rb
if user.admin?
can :manage, :all
else
can :read, Posts
end
ApplicationController.rb
class ApplicationController < ActionController::Base
protect_from_forgery
rescue_from CanCan::AccessDenied do |exception|
respond_to do |format|
format.json { head :forbidden, content_type: 'text/html' }
format.html { redirect_to main_app.root_url, notice: exception.message }
format.js { head :forbidden, content_type: 'text/html' }
end
end
def current_ability
@current_ability ||= AccountAbility.new(current_admin_user)
end
end
schema.rb
ActiveRecord::Schema.define(version: 2019_02_14_200911) do
create_table "active_admin_comments", force: :cascade do |t|
t.string "namespace"
t.text "body"
t.string "resource_type"
t.integer "resource_id"
t.string "author_type"
t.integer "author_id"
t.datetime "created_at", null: false
t.datetime "updated_at", null: false
t.index ["author_type", "author_id"], name: "index_active_admin_comments_on_author_type_and_author_id"
t.index ["namespace"], name: "index_active_admin_comments_on_namespace"
t.index ["resource_type", "resource_id"], name: "index_active_admin_comments_on_resource_type_and_resource_id"
end
create_table "admin_users", force: :cascade do |t|
t.string "email", default: "", null: false
t.string "encrypted_password", default: "", null: false
t.string "reset_password_token"
t.datetime "reset_password_sent_at"
t.datetime "remember_created_at"
t.datetime "created_at", null: false
t.datetime "updated_at", null: false
t.boolean "admin", default: true
t.index ["email"], name: "index_admin_users_on_email", unique: true
t.index ["reset_password_token"], name: "index_admin_users_on_reset_password_token", unique: true
end
create_table "categories", force: :cascade do |t|
t.string "title"
t.datetime "created_at", null: false
t.datetime "updated_at", null: false
end
create_table "posts", force: :cascade do |t|
t.string "title"
t.text "body"
t.datetime "published_at"
t.integer "user_id"
t.integer "category_id"
t.datetime "created_at", null: false
t.datetime "updated_at", null: false
t.string "slug"
t.index ["category_id"], name: "index_posts_on_category_id"
t.index ["slug"], name: "index_posts_on_slug", unique: true
t.index ["user_id"], name: "index_posts_on_user_id"
end
create_table "users", force: :cascade do |t|
t.string "name"
t.string "email"
t.datetime "created_at", null: false
t.datetime "updated_at", null: false
t.string "slug"
t.boolean "admin", default: false
t.index ["slug"], name: "index_users_on_slug", unique: true
end
end
Goal
My goal is: 1. Only Admin can post,add user, add category basically manage all.
2. guest User can only read.
So I used cancancan gem to do authorization. But I am getting error:
uninitialized constant ApplicationController::AccountAbility
Extracted source (around line #12):
end
def current_ability
@current_ability ||= AccountAbility.new(current_admin_user)
end
end
And I have uploaded on git if you need any further information.
It will be great if you can help me. Thanks in advance.
