You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
{{ message }}
This repository has been archived by the owner on Dec 12, 2021. It is now read-only.
I am trying out CanCan 2.0 for the first time, in order to use ollym's fork for strong parameters.
My controller is namespaced Builder::ContactsController. So in my Ability:
can [:index, :show], :"builder/contacts"
This allows me to bypass the ensure_authorization check and get into my index method. I have included load_and_authorize_resource in the controller, but the @contacts variable is not loaded by CanCan.
Is there something else I need to be doing in CanCan 2.0 to load this resource? I have tried using the class option but that doesn't work either. Also, no calls to load_resource or anything CanCan-related are found in my trace. No SQL for contacts is generated (according to the log) either.
This all works in CanCan 1 using this:
can :read, Contact
I've tried adding the above line to my ability.rb when using CanCan 2, and it still doesn't work.
The text was updated successfully, but these errors were encountered:
I had the same error the problem was that I had defined both a block and a normal ability and expected it to ignore the block. As far as I can think this should not compromise security as long as no cannot blocks are used.
Thanks for your submission! The ryanb/cancan repository has been inactive since Sep 06, 2013.
Since only Ryan himself has commit permissions, the CanCan project is on a standstill.
CanCan has many open issues, including missing support for Rails 4. To keep CanCan alive, an active fork exists at cancancommunity/cancancan. The new gem is cancancan. More info is available at #994.
If your pull request or issue is still applicable, it would be really appreciated if you resubmit it to CanCanCan.
We hope to see you on the other side!
Sign up for freeto subscribe to this conversation on GitHub.
Already have an account?
Sign in.
I am trying out CanCan 2.0 for the first time, in order to use ollym's fork for strong parameters.
My controller is namespaced Builder::ContactsController. So in my Ability:
This allows me to bypass the ensure_authorization check and get into my index method. I have included
load_and_authorize_resource
in the controller, but the@contacts
variable is not loaded by CanCan.Is there something else I need to be doing in CanCan 2.0 to load this resource? I have tried using the
class
option but that doesn't work either. Also, no calls to load_resource or anything CanCan-related are found in my trace. No SQL for contacts is generated (according to the log) either.This all works in CanCan 1 using this:
I've tried adding the above line to my ability.rb when using CanCan 2, and it still doesn't work.
The text was updated successfully, but these errors were encountered: