How to handle permission in rails code example
Example 1: How to handle permission in rails
class Ability
include CanCan::Ability
def initialize(user)
if user.present? # additional permissions for logged in users (they can read their own posts)
can :read, Post, users: { id: user.id }
end
end
end
Example 2: How to handle permission in rails
class Post
has_many :post_users
has_many :users, through: :post_users
end
class PostUser
belongs_to :post
belongs_to :user
end
class User
has_many :post_users
has_many :posts, through: :post_users
end