I am working on creating a 'sub_admin' role for admin using CancanCan, and Active Admin. The goal is to enable sub_admin to manage specific aspects of it's parent account information. However, I want to provide flexibility for the parent account to decide which information is manageable for the sub_admin. While I have a good understanding of CancanCan, and Active Admin, I'm encountering some challenges in implementing this functionality
I tried to implemente the desired functionality using CanCanCan;
example code:
class Ability
include CanCan::Ability
def initialize(user)
current_user ||= AdminUser.new
if user.role == "admin"
can :manage, :all
elsif user.role == "sub_admin"
can :manage, AdminUser, id: user.id
can :read, MembershipPlan
can :read, Transaction, admin_user_id: user.id
can :read, BookAllotment, admin_user_id: user.id
can :read, Section
can :read, Shelf
can :read, Book
elsif user.role == "user"
can :read, Section
can :read, Shelf
can :read, Book
end
can :read, ActiveAdmin::Page, name: "Dashboard", namespace_name: "admin"
end
end
however, It can only view it's own records not the parent's I don't plan to let the sub_admin have any records of his own as I am seeking a solution to allow the parent account to manage these permissions dynamically instead of hard-coding them. While exploring options, I came across the active_admin_role gem (https://github.com/activeadmin-plugins/active_admin_role), which precisely addresses my requirements. Unfortunately, this gem is no longer maintained and I couldn't find a alternative.