cancan roles issue

Rails 3.2.11 Ruby 2

Hi,

I am building my first Rails app and decided to use Devise (2.2.4) and CanCan (1.6.10) for auth and role management. The auth part works nicely but I haven't been able to get CanCan working correctly. I have one role set up (admin). But when I try to view the users index page it redirects me to the homepage even though I'm an admin. Any advice on where I may be going wrong is most welcomed.

Here is my code:

app/models/ability.rb

class Ability
  include CanCan::Ability

  def initialize(user)
    user ||= User.new # guest user (not logged in)
    if user.role? :admin
      can :manage, :all
    else
      can :read, :all
    end
  end
end

app/controllers/users_controller.rb

class UsersController < ApplicationController
  load_and_authorize_resource
  before_filter :authenticate_user!

  def index
    @users = User.all
    authorize! :manage, @users

    respond_to do |format|
      format.html
      format.json  { render :json => @users }
    end
  end
end

app/controllers/application_controller.rb

class ApplicationController < ActionController::Base
  protect_from_forgery

  def after_sign_in_path_for(resource)
    root_url
  end

  rescue_from CanCan::AccessDenied do |exception|
    redirect_to root_url, :alert => exception.message
  end

  def current_ability
    @current_ability ||= Ability.new(current_user)
  end

  # load the permissions for the current user so that UI can be manipulated
  def load_permissions
    @current_permissions = current_user.role.permissions.collect { |i| [i.subject_class, i.action] }
  end
end

if user.role? :admin looks strange. The .role? indicates that it is a boolean, no?


# app/controllers/application_controller.rb
class ApplicationController < ActionController::Base
  protect_from_forgery

  def after_sign_in_path_for(resource)
    root_url
  end

  rescue_from CanCan::AccessDenied do |exception|
    redirect_to root_url, :alert => exception.message
  end

  def current_ability
    @current_ability ||= Ability.new(current_user)
  end

This may be the problem. I have never once defined the current_ability method, just relied on CanCan to provide it. See what happens if you comment this out and restart your server.

Walter

Thanks for the replies, I got to the bottom of the issue. I was following this in a tutorial and had the following on my users model, which was converting the role name to camelcase, so when I removed the ".camelize" it let me in to the restricted pages as expected. Thanks again for the help!

# original version: .camelize turns :admin into "Admin", so the lookup by name fails
def role?(role)
  return !!self.roles.find_by_name(role.to_s.camelize)
end
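The root cause described above (camelize rewriting the role name before the lookup), as an added example that is not code from the thread; Role, User, the camelize stand-in and the sample data are constructed substitutes for the real ActiveRecord models and ActiveSupport, and the permissions_for function mirrors what Ability#initialize grants without loading CanCan:

```ruby
# Constructed stand-in for the roles table row.
Role = Struct.new(:name)

# Minimal stand-in for ActiveSupport's String#camelize ("admin" => "Admin").
def camelize(str)
  str.split('_').map(&:capitalize).join
end

class User
  attr_reader :roles

  def initialize(roles = [])
    @roles = roles # guest user (not logged in) has no roles
  end

  # Version from the thread: camelize turns :admin into "Admin", but the
  # stored role name is "admin", so the find returns nil and role? is false.
  def role_original?(role)
    !!roles.find { |r| r.name == camelize(role.to_s) }
  end

  # Normalize both sides the same way, so :admin, "admin" and "Admin" all
  # resolve to the same stored role instead of depending on case.
  def role?(role)
    wanted = role.to_s.downcase
    roles.any? { |r| r.name.to_s.downcase == wanted }
  end
end

# Same decision as the thread's Ability#initialize: admins get :manage,
# everyone else (including a failed role check) falls back to :read.
def permissions_for(user, check: :role?)
  user ||= User.new
  user.public_send(check, :admin) ? [:manage] : [:read]
end

# Constructed sample data: one user holding the "admin" role, and a guest.
ADMIN = User.new([Role.new('admin')])
GUEST = nil
```

With the original check the admin silently lands in the read-only branch, which is exactly the redirect to the homepage the thread describes; with the normalized check the same user is granted :manage.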