Topic: CanCan: can :create based on another model
I've posted a question to Stack Overflow:
but I realize that at least one important CanCan expert reads this forum!
In short, I have a Club model that has_many Memberships. The Club model also has an is_enrollable field.
I'd like to authorize creation of a Membership record only if its associated Club is_enrollable. Conceptually speaking, given these two clubs:
public_club = Club.create(:name => "public", :is_enrollable => true)
private_club = Club.create(:name => "snooty", :is_enrollable => false)
... calling Membership.create(:club => public_club) should succeed and calling Membership.create(:club => private_club) should fail.
I don't mean to suggest that the authorization happen at the model level -- CanCan does its thing at the controller level. But how do I capture this behavior in the Ability class?