CanCan doesn't work on this model

I kept on simplifying the code to get to the root of the problem and it
seems it won't work regardless of what I do.

in ability.rb
can :manage, :all

so it's supposed to allow the user to do ANYTHING right? wrong!

if in users_controller.rb I tried working with nested resources, it
ALWAYS gives me Access Denied error.

load_resource :company
load_resource :user, :through => :company

Try changing this to simply:


I believe that will get all of the nested stuff automagically, you don't have to specify the relationship. After all, that's what your models are for.


Ok, I read the CanCan documentation more carefully and this jumped out
the screen...
"This will fetch the project using Project.find(params[:project_id]) on
every controller action, save it in the @project instance variable..."

When I was going to /users the companies resource was empty and it would
throw the Access Denied error unless I used shallow nesting (:shallow =>

So I should've been going to /companies/45/users instead. Then companies
get loaded as well as users. My problem with this is that it can only
display users from a certain company.

I'm still not accomplishing what I want. Because the page should display
all companies and all users under each company. I'm closer to finding
the answer than I was before. I'll keep on trying.

Ok. This is the question I'm looking the answer for: how can I load and
authorize the companies in the users_controller.rb file?

I already tried load_and_authorize_resource :company

@companies and @company are empty in the view.