Tutorial by Examples

CanCan is a a popular authorization library for Ruby on Rails which restricts user access to specific resources. The latest gem (CanCanCan) is a continuation of the dead project CanCan. Permissions are defined in the Ability class and can be used from controllers, views, helpers, or any other place...

Abilities are defined in the Ability class using can and cannot methods. Consider the following commented example for basic reference: class Ability include CanCan::Ability def initialize(user) # for any visitor or user can :read, Article if user if user.admin? ...

Once the number of abilities definitions start to grow in number, it becomes more and more difficult to handle the Ability file. The first strategy to handle these issue is to move abilities into meaningful methods, as per this example: class Ability include CanCan::Ability def initialize(...

If you'd like to quickly test if an ability class is giving the correct permissions, you can initialize an ability in the console or on another context with the rails environment loaded, just pass an user instance to test against: test_ability = Ability.new(User.first) test_ability.can?(:show, Pos...