Tuesday, 3 September 2013

Rails in Action - Privatizing Assets

An admin logged in and created a ticket related to a project, then uploaded an
attachment correctly with no errors. When I try to download it, it goes
to the false condition. When I replaced can? with cannot?, he was able to
download the asset. So what is needed to make the admin able to download it
without changing the current controller show action?
Note: the false condition should happen if the user does not have
permission to see assets, but I don't know how this could happen to the
admin, and I also can't find it in the book. Has anyone gone through this before?

class FilesController < ApplicationController
  # Require a signed-in user for every action.
  before_filter :authenticate_user!

  def show
    asset = Asset.find(params[:id])
    # Only send the file if the current user may view the asset's project.
    if can?(:view, asset.ticket.project)
      send_file asset.asset.path, :filename => asset.asset_file_name,
                                  :content_type => asset.asset_content_type
    else
      flash[:alert] = "The asset you were looking for could not be found."
      redirect_to root_path
    end
  end
end
