You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
We have certain permissions that are only enabled after the user has entered there password for a given session. This allows us to remember the user and show some limited info without them entering a password on each visit while also protecting the user's important information with their password.
To do this we catch the CanCan::AccessDenied exception and test if they would have been authorized had they entered their password. This works well for most authorization checks. It only fails if there are additional args int the authorize! block like so
authorize!:show,:named_feature,user_id: user.id
We can't recheck this demand because the AccessDenied exception does not include the user_id: user.id hash.
The text was updated successfully, but these errors were encountered:
We have certain permissions that are only enabled after the user has entered there password for a given session. This allows us to remember the user and show some limited info without them entering a password on each visit while also protecting the user's important information with their password.
To do this we catch the CanCan::AccessDenied exception and test if they would have been authorized had they entered their password. This works well for most authorization checks. It only fails if there are additional args int the authorize! block like so
We can't recheck this demand because the AccessDenied exception does not include the
user_id: user.id
hash.The text was updated successfully, but these errors were encountered: