using angular and cancan in Rails application

[Filip Matošić]

Developing an application with angular I came into a problem. In my application I use cancan ( https://github.com/ryanb/cancan ).

Now when showing data in a table i have to filter if the logged user can or cannot edit, view etc, and thus disabling buttons that allow given operations.

When using ror its not a problem:

%td

        -if can? :edit,script

%a{:href=>edit_script_path(script)}

edit

but when i need to do the same thing with angular i need to mark the row data inside the controller with a flag eg. can_edit, can_view and then

so i come up with an idea to add an attribute to each row before rendering to json:

@scripts.each do |script|    script[:can_edit]=can?(:edit,script)  end but then i get the depriciation warning: Writing arbitrary attributes on a model is deprecated. Please just use `attr_writer` An option to add columns can_edit, can_view to my table is out of the question, allso taking the cancan logic into angular is allso not an option as I think that all of the logic is  allready in cancan. So for me it comes down to how can I add the attributes that are not in my tables to models?

[Frederick Cheung]

On Monday, April 15, 2013 8:18:18 AM UTC+1, Filip Matošić wrote:
> Developing an application with angular I came into a problem. In my application I use cancan ( https://github.com/ryanb/cancan ).
> Now when showing data in a table i have to filter if the logged user can or cannot edit, view etc, and thus disabling buttons that allow given operations.
> When using ror its not a problem:
>
> %td
>         -if can? :edit,script
> %a{:href=>edit_script_path(script)}
> edit
> but when i need to do the same thing with angular i need to mark the row data inside the controller with a flag eg. can_edit, can_view and then
> so i come up with an idea to add an attribute to each row before rendering to json:
>
>

As the warning suggests, I'd use attr_writer/attr_accessor. This doesn't mean adding columns to your database, just some ruby accessor methods (people sometimes call these virtual attributes)

Fred

[Filip Matošić]

As zou have suggested i have done this by adding

attr_writer :can_edit,:can_read

to my model 

and in my controller

@scripts.each do |script|

script[:can_edit]=can?(:edit,script)

end

but still getting the warning

guess I'm doing something wrong,

can you lead me in the right direction?

[Filip Matošić]

I'm using:

ruby 1.9.3p125 (2012-02-16 revision 34643)

rails 3.2.13

activesupport (3.2.11) 

[Filip Matošić]

After some research i have added 

attr_accessor :can_edit,:can_read

and now when I:

@scripts.each do |script|

script.can_edit=can?(:edit,script)

logger.debug("----Script----#{script.to_yaml}")

end

I do not get any warning, but in my log can_edit is not being printed,

allso if i json the result (@scripts) back to my page the ca_read is not there?

[Frederick Cheung]

On Monday, April 15, 2013 8:46:22 AM UTC+1, Filip Matošić wrote:

As zou have suggested i have done this by adding

attr_writer :can_edit,:can_read

to my model 

and in my controller

@scripts.each do |script|

script[:can_edit]=can?(:edit,script)

end

Having defined the accessor you do actually need to use it, e.g. script.can_edit = can?(:edit, script).

For it to be included in your to_json output, make it an attr_accessor (so that you get the reader method too) and use the :methods option to add it to the json output.

Fred 

[Filip Matošić]

Thx, helped alot,

now I just:

In my model

attr_accessor :can_edit,:can_read

In my controller i set the can_edit and simply

respond_with(@scripts,:methods => [:can_edit,:can_view])

there is allso a as_json method you can put into the model and it overrides to_json

so you do not need to write ",:methods => [:can_edit,:can_view])" every time

i will give that a try afterwords, thank's for help