This repository has been archived by the owner on Dec 12, 2021. It is now read-only.
Devise
Eito Katagiri edited this page Aug 19, 2013
·
4 revisions
You can bypass Cancan 2.0's authorization for Devise controllers similar to Cancan 1.6:
class ApplicationController < ActionController::Base
protect_from_forgery
enable_authorization :unless => :devise_controller?
endIt may be a good idea to specify the rescue from action:
rescue_from CanCan::Unauthorized do |exception|
if current_user.nil?
session[:next] = request.fullpath
puts session[:next]
redirect_to login_url, :alert => "You have to log in to continue."
else
#render :file => "#{Rails.root}/public/403.html", :status => 403
if request.env["HTTP_REFERER"].present?
redirect_to :back, :alert => exception.message
else
redirect_to root_url, :alert => exception.message
end
end
endThis project is abandoned, see its successor: CanCanCan