How to restrict manageable entities in Active Admin?

I would like to restrict the list of manageable model entities in Active Admin based on an attribute of the current_user and the model entity.

e.g.: A User (with admin rights) has a team_id == 2 and should only be able to manage Tasks with a team_id == 2

Edit: I'm trying to use scopes but I don't know how to scope using this condition:

user.team_id == task.team_id

Is that possible with Active Admin?

Thanks for your time. (This is my first post, tell me if I can improve my question)

asked May 28 '14 at 12:05

2 Answers

You're most probably trying to define different levels of access and authorization. You should look into the CanCan gem: https://github.com/ryanb/cancan

ActiveAdmin explains how to implement it here: http://www.activeadmin.info/docs/13-authorization-adapter.html#using_the_cancan_adapter

Then in your case you could define an ability.rb like:

class Ability
    include CanCan::Ability

    def initialize(user)
        user ||= User.new
        case user.team_id
            when 1
                can :manage, Post
            when 2
                can :manage, Post
                can :manage, Task
            when 3
                can :manage, :all
        end
        can :read, ActiveAdmin::Page, :name => "Dashboard"
    end
end

I would suggest defining a role attribute instead of using team_id, but that's just being picky with semantics :)

Hope that helps!

answered May 29 '14 at 10:05

Sorry I was too vague, there are not different levels of access, I'm trying to scope everything with the condition user.team_id == task.team_id - esmoquin

I finally found how to use scopes:

scope_to :current_user

And add to User model:

has_many :tasks, through: :team

answered Apr 20 '16 at 22:04
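The effect of `scope_to :current_user` in the answer above is that Active Admin resolves Tasks through `current_user.tasks`, for the index and for single-record lookups alike. The following plain-Ruby model is an added example, not part of either answer and not Active Admin code: the `Task` struct, the `TASKS` rows, `RecordNotFound` and the helper functions are constructed stand-ins that need no Rails.

```ruby
# Constructed in-memory stand-ins for the Task and User models (no Rails needed).
Task = Struct.new(:id, :team_id, :title)

class RecordNotFound < StandardError; end

TASKS = [
  Task.new(1, 1, "rotate API keys"),
  Task.new(2, 2, "patch build server"),
  Task.new(3, 2, "review firewall rules"),
  Task.new(4, nil, "unassigned task"),
].freeze

class User
  attr_reader :team_id

  def initialize(team_id)
    @team_id = team_id
  end

  # Plays the role of `has_many :tasks, through: :team`.
  # A user without a team sees nothing, not the rows whose team_id is nil.
  def tasks
    return [] if team_id.nil?
    TASKS.select { |t| t.team_id == team_id }
  end
end

# Unscoped lookup: any signed-in admin can load any id by changing the URL.
def find_unscoped(id)
  TASKS.find { |t| t.id == id } || raise(RecordNotFound, "Task #{id}")
end

# Scoped listing and lookup: both start from user.tasks.
def index_scoped(user)
  user.tasks.map(&:id)
end

def find_scoped(user, id)
  user.tasks.find { |t| t.id == id } || raise(RecordNotFound, "Task #{id}")
end

# True only when the record is reachable through the user's own association.
def visible?(user, id)
  find_scoped(user, id)
  true
rescue RecordNotFound
  false
end
```

Filtering only the index page would leave `find_unscoped` behaviour on the show, edit and destroy routes, so a request for another team's task id has to be checked as well when testing the restriction.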
