Submitted by swarut on Mon, 07/02/2012 - 14:45
In CanCan, the custom ability (rather than resource CRUD) can be defined in the following way.
1. If the method belongs to the controller which has corresponding model (defined as resource).
can :manage, EventRsvp, user_id: user.id
2. If the method has no corresponding model.
In this case, I have a tag controller, but no tag model. The first parameter is the method name in tag controller, and the second parameter is an user-defined one. You can set it to a symbol you like, then when you want to check for authorization, just called
can :company_tags, :tag
authorize! :company_tags, :tag