Are these two statements basically the same? If they aren't then what should the second version look like? And what's going on under the covers?
can :index, User, approved: true
can :index, User do |user|
user.approved?
end
I'm not able to get "block" versions of tests working. Everything else works fine.. but blocks don't work. I'm clearly doing something wrong, so I'm trying to understand. Thanks.
CodePudding user response:
Rules with blocks are used when an instance is passed to the rule:
can?(:show, User.first)
The index
action is special because there's no instance of User to pass to the rule, you are not loading a specific user, but multiple.
So,
can :index, User, approved: true
When the UserController#index
action is hit, assuming you have load_and_authorize_resource
(or similar in place), it will load in @users
all the users with approved: true
. If there are no conditions, all users will be loaded. It's straightforward.
Now,
can :index, User do |user|
user.approved?
end
If a rule has a block and the instance is not passed to it (as I said above), the rule will always return true
as in authorized, BUT no users will be loaded.
More explanations, here.
CodePudding user response:
Note that if you pass a block to a can or cannot, the block only executes if an instance of a class is passed to can? or cannot? calls.
If you define a can or cannot with a block and an object is not passed, the check will pass.
Maybe this is answer ?