所有查询默认为用户公司
我正在使用康康舞并试图让它限制为特定公司显示的设备。
我的公司有很多用户,应该只能看到属于该公司的设备。
我认为cancan可以基于此做到这一点:
所以我尝试了这段代码:
can :manage, Equipment do |equipment|
user.company == equipment.company
end
在设备控制器中,我有 @equipment = Equipment.all
我认为它只会拉取设备那用户公司,但当然它会吸引他们所有人。有没有一种简单的方法可以做到这一点,或者我是否需要在任何时候只要我想提取该公司的设备就需要执行@equipment = Equipment.find_by_company_id(current_user.company)
。更糟糕的是,我想最终按组和部门将其分解,但不想强迫自己进行更大的查找查询。我愿意接受任何事情,插件,建议,任何解决这个问题的最快方法。
我本可以向这个问题添加更多代码,但我不知道添加所有代码真的会对这个问题有帮助。
非常感谢
托比
I am using cancan and trying to get it to limit equipment shown for a specific company.
I have a company with many users that should only see equipment that belong to that company.
I thought cancan could do this based on this:
Rails 3 company account with many users, restrict access to data
So I tried this code:
can :manage, Equipment do |equipment|
user.company == equipment.company
end
In the equipment controller I have @equipment = Equipment.all
which I figured would just pull the equipment for that users company, but of course it pulls them all. Is there an easy way to do this or do I need to do @equipment = Equipment.find_by_company_id(current_user.company)
anytime I want to pull just that companies equipment. To make this worse I want to eventually break it down by groups and departments, but would rather not have to force myself into more big find queries. I am open to anything, plugins, suggestions, whatever will be the fastest way to fix this.
I could have added more code to this question, but I don't know that adding it all would really help the question.
Thank you very much
Toby
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
尝试
Equipment.accessible_by()
https: //github.com/ryanb/cancan/blob/master/lib/cancan/model_additions.rb
Try
Equipment.accessible_by()
https://github.com/ryanb/cancan/blob/master/lib/cancan/model_additions.rb