Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP

Loading…

Infinite loop #206

Closed
whataboutbob opened this Issue · 2 comments

2 participants

@whataboutbob

I tried to integrate Cancan into my app yesterday, my env Rails 2.3.10, Ruby 1.8.7, Cancan 1.4.1, Devise 1.0.9 and ran into an infinite loop issue when I added load_and_authorize_resource call to my UsersController. I'm trying to restrict a user to only update, create, show his own record, not someone else's. When I added that call, Rails went into an infinite loop and I have no idea why this is happening. Any ideas? Any insights will be much appreciated, thanks.

Here's a snippet of the log
Processing UsersController#home (for 127.0.0.1 at 2010-12-07 12:17:11) [GET]
Parameters: {"action"=>"home", "controller"=>"users"}
←[4;35;1mUser Load (0.0ms)←[0m ←[0mSELECT * FROM "users" WHERE ("users"."id" = '1') LIMIT 1←[0m
Redirected to http://localhost:3000/

Processing UsersController#home (for 127.0.0.1 at 2010-12-07 12:17:11) [GET]
Parameters: {"action"=>"home", "controller"=>"users"}
←[4;36;1mUser Load (0.0ms)←[0m ←[0;1mSELECT * FROM "users" WHERE ("users"."id" = '1') LIMIT 1←[0m
Redirected to http://localhost:3000/

Processing UsersController#home (for 127.0.0.1 at 2010-12-07 12:17:11) [GET]
Parameters: {"action"=>"home", "controller"=>"users"}
←[4;35;1mUser Load (15.6ms)←[0m ←[0mSELECT * FROM "users" WHERE ("users"."id" = '1') LIMIT 1←[0m
Redirected to http://localhost:3000/

Processing UsersController#home (for 127.0.0.1 at 2010-12-07 12:17:12) [GET]
Parameters: {"action"=>"home", "controller"=>"users"}
←[4;36;1mUser Load (0.0ms)←[0m ←[0;1mSELECT * FROM "users" WHERE ("users"."id" = '1') LIMIT 1←[0m
Redirected to http://localhost:3000/

And the web error
The page isn't redirecting properly
Firefox has detected that the server is redirecting the request for this address in a way that will never complete.
* This problem can sometimes be caused by disabling or refusing to accept
cookies.

@ryanb
Owner

Do you have something like this in your ApplicationController?

rescue_from CanCan::AccessDenied do |exception|
  flash[:alert] = exception.message
  redirect_to root_url
end

The problem is that is redirecting the user to the root_url and he doesn't have permission to access that page so this gets triggered again and again. You need to redirect him to a page he can access, perhaps the new_user_session_path.

@whataboutbob

Actually, I do have the above code snippet in ApplicationController. What I didn't account for is a custom action I added that is set as the root_url. Once I allow access to the custom action, it works. Thanks for your help, Ryan, great work as always.

This issue was closed.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Something went wrong with that request. Please try again.