Rails 3.2.11
Ruby 2

Hi,

I am building my first rails app and decided to use Devise(2.2.4) and Cancan(1.6.10) for auth and role management. The auth part works nicely but I haven't been able to get cancan working correctly. I have one role setup(admin). But when I try to view the users index page it redirects me to the homepage even though I'm an admin. Any advice on where I may be going wrong is most welcomed.

Here is my code:

    # app/models/ability.rb
    class Ability

      include CanCan::Ability

      def initialize(user)
        user ||= User.new # guest user (not logged in)
        if user.role? :admin
          can :manage, :all
        else
          can :read, :all
        end
      end
    end

    # app/controllers/users_controller.rb
    class UsersController < ApplicationController

      load_and_authorize_resource
      before_filter :authenticate_user!

      def index
        @users = User.all
        authorize! :manage, @users

        respond_to do |format|
          format.html
          format.json { render :json => @users }
        end
      end
    end

    # app/controllers/application_controller.rb
    class ApplicationController < ActionController::Base

      protect_from_forgery

      def after_sign_in_path_for(resource)
        root_url
      end

      rescue_from CanCan::AccessDenied do |exception|
        redirect_to root_url, :alert => exception.message
      end

      def current_ability
        @current_ability ||= Ability.new(current_user)
      end

      #load the permissions for the current user so that UI can be manipulated
      def load_permissions
        @current_permissions = current_user.role.permissions.collect{|i| [i.subject_class, i.action]}
      end

    end

if user.role? :admin looks strange. The .role? indicates that it is a boolean, no?

On Jul 1, 2013, at 6:22 PM, Phil wrote:

> # app/controllers/application_controller.rb
> class ApplicationController < ActionController::Base
>
>   protect_from_forgery
>
>   def after_sign_in_path_for(resource)
>     root_url
>   end
>
>   rescue_from CanCan::AccessDenied do |exception|
>     redirect_to root_url, :alert => exception.message
>   end
>
>   def current_ability
>     @current_ability ||= Ability.new(current_user)
>   end

This may be the problem. I have never once defined the current_ability method, just relied on CanCan to provide it. See what happens if you comment this out and restart your server.

Walter

Thanks for the replies, I got to the bottom of the issue. I was following this in a tutorial and had the following on my users model, which was converting the role name to camelcase, so when I removed the ".camelize" it let me in to the restricted pages as expected. Thanks again for the help!

    def role?(role)
      return !!self.roles.find_by_name(role.to_s.camelize)
    end
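
The mismatch found at the end of this thread, reproduced in plain Ruby as an added example (not code from the thread or from CanCan): a role check that transforms only the queried name denies a real admin, while one canonical form on both sides plus a known-role list does not. `camelize_name` is a simplified stand-in for ActiveSupport's `camelize`, and `STORED_ROLES`, `KNOWN_ROLES`, `canonical` and `allowed_actions` are hypothetical names with constructed sample data.

```ruby
# Added example, plain Ruby (no Rails needed). All names here are hypothetical.
# Simplified stand-in for ActiveSupport's String#camelize.
def camelize_name(name)
  name.to_s.split("_").map(&:capitalize).join
end

# Constructed sample data: role names as they are stored for each user.
STORED_ROLES = { "phil" => ["admin"], "guest" => [] }.freeze

# Lookup shaped like the tutorial code: only the queried name is camelized,
# so :admin becomes "Admin" and never matches the stored "admin".
def role_camelized?(user, role)
  STORED_ROLES.fetch(user, []).include?(camelize_name(role))
end

# Role names the application actually defines (assumption for this example).
KNOWN_ROLES = %w[admin].freeze

# One canonical form, applied to both the stored and the queried name.
def canonical(role)
  role.to_s.strip.downcase
end

def role?(user, role)
  wanted = canonical(role)
  # A misspelled role name raises instead of silently changing the decision.
  raise ArgumentError, "unknown role #{role.inspect}" unless KNOWN_ROLES.include?(wanted)
  STORED_ROLES.fetch(user, []).map { |r| canonical(r) }.include?(wanted)
end

# Same decision shape as the thread's Ability class: admins manage, others read.
def allowed_actions(user, checker)
  send(checker, user, :admin) ? [:manage] : [:read]
end

if __FILE__ == $PROGRAM_NAME
  p allowed_actions("phil", :role_camelized?) # admin treated as a plain reader
  p allowed_actions("phil", :role?)           # admin recognised
  p allowed_actions("guest", :role?)          # non-admin stays read-only
end
```

With the camelized lookup the admin only gets `:read`, which is why `authorize! :manage, @users` raised `CanCan::AccessDenied` and the `rescue_from` handler redirected to the homepage.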