Time is money, especially in business, and the importance of time can never be stressed enough. It is natural for business people to favour things that save them time. This reason alone is the greatest catalyst behind the huge popularity of Ruby on Rails. Being one of the most productive ways to build web applications, demand for Rails continues to grow at a swift pace. What makes Ruby on Rails even more awesome is the list of gems that come with it. Ruby gems are categorized, reusable libraries that help developers build applications even faster. CanCan is one such Ruby gem: an authorization library that restricts which resources a given user is allowed to access. With all permissions defined in a single location (the Ability class), CanCan checks whether the current user has permission to perform an action on a resource. Keeping the rules in one place also ensures they are not duplicated across controllers, views, and database queries.
Integrating CanCan and Defining Abilities
> Add gem 'cancan' to your Gemfile and run bundle install to install the gem.
Creating Abilities
> Now generate the ability.rb file, in which we specify the permissions for all users:
rails g cancan:ability
> Open the generated ability.rb file and define the abilities:
class Ability
  include CanCan::Ability

  def initialize(user)
    # Guest (not logged in): fall back to a blank user so the rules below still apply
    user ||= User.new
    can :manage, Article                 # every action on Article
    cannot :manage, Comment              # no action at all on Comment
    can :read, Tag, released: true       # only tags whose released attribute is true
  end
end
Checking Abilities
The can? and cannot? methods are used to check a user's permissions. can? checks whether the user has permission to perform an action on a resource, and cannot? works the other way round. They can be used in a controller or a view.
Ex: (For can?)
<%= link_to "New User", new_user_path if can? :create, User %>
Ex: (For cannot?)
<% if cannot? :destroy, @user %>
  <span class="permission-message">You aren't allowed to delete this user.</span>
<% end %>
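To see how the rules above are resolved, here is an added, self-contained example (not the CanCan gem's code and not part of the original post): a deliberately small stand-in for CanCan::Ability that implements the three rule forms used in this post (plain can, cannot, and hash conditions) with CanCan's "last matching rule wins" semantics, so it runs without Rails. Plain Ruby structs replace the ActiveRecord models, and the :member role is a hypothetical attribute assumed for the demonstration.

```ruby
# Stand-in models (constructed for the example; in Rails these are ActiveRecord classes)
Article = Struct.new(:title, :author_id)
Comment = Struct.new(:body)
Tag     = Struct.new(:name, :released)
User    = Struct.new(:id, :role)

# Minimal re-implementation of the parts of CanCan::Ability used on this page.
module MiniAbility
  Rule = Struct.new(:base, :action, :subject, :conditions)

  def can(action, subject, conditions = {})
    (@rules ||= []) << Rule.new(true, action, subject, conditions)
  end

  def cannot(action, subject, conditions = {})
    (@rules ||= []) << Rule.new(false, action, subject, conditions)
  end

  # As in CanCan: :manage matches every action, and of all matching rules
  # the one defined last decides (so a later cannot overrides an earlier can).
  def can?(action, subject)
    klass = subject.is_a?(Class) ? subject : subject.class
    matching = (@rules || []).select do |r|
      (r.action == :manage || r.action == action) && r.subject == klass &&
        conditions_match?(r.conditions, subject)
    end
    matching.empty? ? false : matching.last.base
  end

  def cannot?(action, subject)
    !can?(action, subject)
  end

  private

  # A class-level check (can? :read, Tag) ignores attribute conditions, as in CanCan;
  # an instance check compares each condition against the record's attributes.
  def conditions_match?(conds, subject)
    return true if conds.empty? || subject.is_a?(Class)
    conds.all? { |attr, val| subject.public_send(attr) == val }
  end
end

class Ability
  include MiniAbility

  def initialize(user)
    user ||= User.new(nil, :guest)     # guest user, as in the post's Ability class
    can :read, Tag, released: true     # everyone may read released tags
    return unless user.role == :member # hypothetical role attribute
    can :manage, Article
    cannot :destroy, Article           # later rule wins: members edit but never delete
    cannot :manage, Comment
  end
end
```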
Load and Authorize Resource
load_and_authorize_resource is used to:
1. Load the model automatically
2. Authorize the requested action
Ex:
class UsersController < ApplicationController
  load_and_authorize_resource
end
Handling Authorization Failure
When load_and_authorize_resource is used and authorization fails, a CanCan::AccessDenied exception is raised. Catch it with rescue_from and pass the error message to the user as an alert:
Ex:
class ApplicationController < ActionController::Base
  rescue_from CanCan::AccessDenied do |exception|
    redirect_to root_url, alert: exception.message
  end
end
Well, now you know about CanCan, what it does and how to configure it. Go paint the town red!
When it comes to building apps, Ruby on Rails is great because of its faster go-to-market time. If you are on the lookout for an app development company, RailsCarma is a great choice. RailsCarma has been implementing Ruby on Rails from its nascent stages for development, training, deploying and contributing back to the Rails community, and provides the best Ruby on Rails development services. RailsCarma provides end-to-end Ruby on Rails services including consulting, architecture, building, management and extension to companies around the globe. You can also hire Ruby on Rails developers with an easy hiring process. Contact us to know more.