- Defined in:
#accessible_by(ability, action = :index) ⇒ Object
Returns a scope which fetches only the records that the passed ability can perform a given action on. The action defaults to :index. This is usually called from a controller and passed the
@articles = Article.accessible_by(current_ability)
Here only the articles which the user is able to read will be returned. If the user does not have permission to read any articles then an empty result is returned. Since this is a scope it can be combined with any other scopes or pagination.
An alternative action can optionally be passed as a second argument.
@articles = Article.accessible_by(current_ability, :update)
Here only the articles which the user can update are returned.
23 24 25
# File 'lib/cancan/model_additions.rb', line 23 def accessible_by(ability, action = :index) ability.model_adapter(self, action).database_records end