ruby on rails - Prevent admins deleting other admins -
this problem haven't run yet, feel do.
here's ability file:
user ||= user.create # create random name here if user.has_role? :admin can :manage, user end if admins user instances have role of admin. won't mean admins able delete other admins? how can stop happening , create superadmin task?
try constraints this,
if user.has_role? :admin can :manage, user, !has_role?(:admin) end
Comments
Post a Comment