Make the CanCan permissions accessible from the web

Issue #7 resolved
Craig Snowden
created an issue

I'll come out and say I'm against this, but I need to make sure I'm not the only one.

Currently permissions are assigned to roles within the ability.rb class. This is mostly on a blanket basis, e.g. can :manage, :all if user.has_role? :admin. It's unlikely these would need to change unless a new model was created that required some form of access by someone lower down the administrative tree - and if you're creating a new model you're in the code anyway.

Umm, so yeah.

Comments (2)

  1. Hayden Ball

    No - I'd agree. I don't see any need for these to change.
    If we need this level of control, surely it would be better to have a "show_editor" role, a "news_editor" role, a "block_editor" role etc and then allow the assignment of roles through the webmin.

  2. Log in to comment