Generate cancan:ability and configure to manage posts and comments

indigodavid · indigodavid · commit ba40a97a8769 · 2022-09-28T17:29:49.000-05:00
diff --git a/app/models/ability.rb b/app/models/ability.rb
@@ -0,0 +1,40 @@
+# frozen_string_literal: true
+
+class Ability
+  include CanCan::Ability
+
+  def initialize(user)
+
+    can :read, :all
+    return unless user.present?
+    can :manage, Post, author: user
+    can :create, Comment
+    can :manage, Comment, author: user 
+    return unless user.admin?
+    can :manage, :all # finally we give all remaining permissions only to the admins
+    # Define abilities for the user here. For example:
+    #
+    #   return unless user.present?
+    #   can :read, :all
+    #   return unless user.admin?
+    #   can :manage, :all
+    #
+    # The first argument to `can` is the action you are giving the user
+    # permission to do.
+    # If you pass :manage it will apply to every action. Other common actions
+    # here are :read, :create, :update and :destroy.
+    #
+    # The second argument is the resource the user can perform the action on.
+    # If you pass :all it will apply to every resource. Otherwise pass a Ruby
+    # class of the resource.
+    #
+    # The third argument is an optional hash of conditions to further filter the
+    # objects.
+    # For example, here the user can only update published articles.
+    #
+    #   can :update, Article, published: true
+    #
+    # See the wiki for details:
+    # https://github.com/CanCanCommunity/cancancan/blob/develop/docs/define_check_abilities.md
+  end
+end
