I've given up on trying to lock down every action in the application. Currently I'm placing in every controller except the devise/registration:
load_and_authorize_resource
In the user model:
def role?(role)
  roles.include? role.to_s
end
In the ability model:
if user.role? :superadmin
  can :manage, :all
end
However, I am getting the following error:
undefined local variable or method `roles'
app/models/user.rb:33:in `role?'
app/models/ability.rb:7:in `initialize'
Thanks for your help.
UPDATE: Because of Bohdan's answer below I looked further into the documentation and found there are differing methods of setting up the CanCan model(s). Currently we have 6 different roles, resulting in 6 different Boolean fields in the database. I was thinking of a hierarchical approach to defining roles where one user could have many roles and one role has many users. There are two ways to set up the role definitions. First. Second. For ease of use I think I'll define each role exhaustively so there is only one role for each person. Wondering what the disadvantages of that are.
UPDATE: I commented out all the roles other than superadmin as defined above. Realized that it doesn't have anything to do with the many-to-many issue. So...?
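An added example, not part of the original post and not CanCan's own code: one way to give `role?` a `roles` list when roles are stored as one Boolean flag per role, with everything denied unless a rule matches. The plain-Ruby `User` and `Ability` classes are stand-ins for the Rails model and the CanCan ability class, and every role name except `superadmin` is hypothetical.

```ruby
# Plain-Ruby stand-ins (assumptions): User mimics a model with one Boolean
# column per role; Ability mimics the shape of a CanCan ability class.
class User
  # Only :superadmin appears in the post; the other names are hypothetical.
  ROLES = %i[superadmin admin editor].freeze

  def initialize(flags = {})
    flags = flags.transform_keys(&:to_sym)
    unknown = flags.keys - ROLES
    raise ArgumentError, "unknown role flag: #{unknown.inspect}" unless unknown.empty?
    # Only a literal true grants a role; nil, "yes" or 1 do not.
    @flags = ROLES.map { |r| [r, flags[r] == true] }.to_h
  end

  # Derive the list that role? expects from the Boolean flags, so that
  # `roles` is actually defined on the model.
  def roles
    ROLES.select { |r| @flags[r] }.map(&:to_s)
  end

  # Same check as in the post. A misspelt or unknown role name is never in
  # the list, so it fails closed.
  def role?(role)
    roles.include?(role.to_s)
  end
end

class Ability
  def initialize(user)
    user ||= User.new # guest: no roles, therefore no rules
    @rules = []
    @rules << [:manage, :all] if user.role?(:superadmin)
  end

  # Deny by default: an action is allowed only when some rule matches.
  # :manage matches any action and :all matches any subject.
  def can?(action, subject)
    @rules.any? do |a, s|
      (a == :manage || a == action) && (s == :all || s == subject)
    end
  end
end
```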