CanCan，建立一個嵌套資源？

Question

我有以下型號：

Group (id) 
Poll (id, group_id) 
PollVote (id, poll_id) 

我不想做深嵌套，這意味着我不希望/組/：ID /調查/：ID/poll_vote /：ID

我想設定，讓我的路線：

/group/:id 
/poll/:id 
/poll/:id/poll_vote/:poll_vote_id 

我有民意調查工作，但我無法弄清楚如何獲得PollVote工作......到目前爲止，我有：

class PollVotesController < ApplicationController 

    # Authorization w Devise & CanCan 
    before_filter :authenticate_user! # Devise, signed in users only 
    load_and_authorize_resource :poll # CanCan 
    load_and_authorize_resource :poll_vote, :through => :poll 

    # We need to pass along the wall 
    def current_ability 
     @current_ability ||= Ability.new(current_user, @poll.group_id) 
    end 

然後在ability.rb

can [:manage], Poll do |poll| 
    This returns TRUE is the user is a group member of the poll 
end 

有什麼值得我PollVotes使用，有PollVotes慘慘使用輪詢檢查？

感謝

Answer 1

您還沒有顯示您的用戶< - >集團的關聯，因此，如果User has_and_belongs_to_many :groups則：

can :manage, [ Poll ] { |poll| user.groups.include?(poll.group) } 

當然，你可能要鎖定下來只與相關票用戶。

編輯 - 這裏是一個例子，從而限制對創建和編輯投票表決訪問：

can :read, PollVote # not needed if you have e.g. can :read, :all 
can :create, [ PollVote ] { |poll_vote| user.groups.include?(poll_vote.poll.group) } 
can [ :edit, :destroy ], [ PollVote ] { |poll_vote| poll_vote.user_id == user.id }