Ruby on Rails

On Jul 1, 2013, at 6:22 PM, Phil wrote:

> Rails 3.2.11
> Ruby 2
>
>
> Hi,
>
> I am building my first rails app and decided to use Devise(2.2.4) and Cancan(1.6.10) for auth and role management. The auth part works nicely but I haven't been able to get cancan working correctly. I have one role setup(admin). But when I try view the users index page it redirects me to the homepage even though I'm an admin. ANy advice on where I may be going wrong is most welcomed.
>
> Here is my code:
>
> # app/models/ability.rb
> class Ability
>
> include CanCan::Ability
>
> def initialize(user)
> user ||= User.new # guest user (not logged in)
> if user.role? :admin
> can :manage, :all
> else
> can :read, :all
> end
> end
> end
>
>
>
> # app/controllers/users_controller.rb
> class UsersController < ApplicationController
>
> load_and_authorize_resource
> before_filter :authenticate_user!
>
> def index
> @users = User.all
> authorize! :manage, @users
>
> respond_to do |format|
> format.html
> format.json { render :json => @users }
> end
> end
> end
>
>
>
> # app/controllers/application_controller.rb
> class ApplicationController < ActionController::Base
>
> protect_from_forgery
>
> def after_sign_in_path_for(resource)
> root_url
> end
>
> rescue_from CanCan::AccessDenied do |exception|
> redirect_to root_url, :alert => exception.message
> end
>
> def current_ability
> @current_ability ||= Ability.new(current_user)
> end

This may be the problem. I have never once defined the current_ability method, just relied on CanCan to provide it. See what happens if you comment this out and restart your server.

Walter

>
> #load the permissions for the current user so that UI can be manipulated
> def load_permissions
> @current_permissions = current_user.role.permissions.collect{|i| [i.subject_class, i.action]}
> end
>
> end
>
>
>
>
>
>
>
> --
> You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to rubyonrails-talk+unsubscribe@googlegroups.com.
> To post to this group, send email to rubyonrails-talk@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/msgid/rubyonrails-talk/98f2df7c-55e4-44d6-a352-47e9dff19a78%40googlegroups.com.
> For more options, visit https://groups.google.com/groups/opt_out.
>
>

--
You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group.
To unsubscribe from this group and stop receiving emails from it, send an email to rubyonrails-talk+unsubscribe@googlegroups.com.
To post to this group, send email to rubyonrails-talk@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/rubyonrails-talk/D9462192-1304-42D0-85E5-3253FEC20FF7%40wdstudio.com.
For more options, visit https://groups.google.com/groups/opt_out.