GitHub is home to over 20 million developers working together to host and review code, manage projects, and build software together.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
Already on GitHub? Sign in to your account
We use CanCan to great effect, but have problems with it automatically applying sent attributes to created/loaded models. We use versioned endpoints, so the payload that comes in doesn't match the ActiveModel directly. We would rather CanCan created new resources empty, or just loaded known resources by accessibiity - but that's it. No applying of values.
I know we can override the load method, but that leads to some code duplication as regards the load call, and slightly dangerous as we might forget to add the accessible_by in one place or another.
Ultimately, it would be great to do this at the top of every controller
before_filter :create_or_update_from_hash, only: [:create, :update]
The create_or_update_from_hash method allows us to pick and choose how to apply the sent attributes hash.
At the moment, we monkey-patch CanCan to give us this behaviour thus:
Are there better ways, or can this be brought in somehow as a global option, or local option? eg:
# Proposed code
load_and_authorize_resource apply_attributes: false
Are you able to create a patch for CanCan to implement this new behaviour?
Dear submitter, Since cancan/raynB hasn't been active for more than 6 months and no body else then ryam himself has commit permissions the cancan project is on a stand still.
Since cancan has several issues including missing support for rails 4 cancan is moving forward to cancancan. More details on: #994
If your feel that your pull request or bug is still applicable (and hasn't been merged in to cancan) it would be really appreciated if you would resubmit it to cancancan (https://github.com/cancancommunity/cancancan)
We hope to see you on the other side!