Reputation: 21
Rails cancan load_and_authorize_resource not working
I committed to customize a project, which has cancan authentication.
my cancan ability.rb
if user.has_role? :super_admin
can :manage, :all
elsif user.has_role? :site_admin
can :manage, [User, Listing]
elsif user.has_role? :manager
can :manage, Listing, :user_id => user.id
end
my models:
User
Listing has_many :listing_types
ListingType belongs_to :listing
now i created a new model ListingDetail belongs_to :listing
controller listing_details which has load_and_authorize_resource
when i access this page from manager role, it redirect to login page
(in my admin namespace's index controller's index action i redirected to login page for nil user )
why this is happening?
Upvotes: 2
Views: 2473
Answers (1)
Reputation: 3304
You cannot access the ListingDetail controller as a manager because you've only been granted permissions on the Listing object. To add permissions for ListingDetails only on Listings you own, add the following to your manager permissions:
can :manage, ListingDetail, :listing => {:user_id => user.id}
Upvotes: 7
Related Questions
- cancancan authorize_resource not working as expected
- Getting Cancan's load_and_authorize_resource working within a custom create action
- CanCanCan load_and_authorize_resource
- load_and_authorize_resource null cancancan
- Using CanCan authorize_resource in odd controller
- Rails 4 with CanCan: unknown attribute error after including load_and_authorize_resource
- Issue with CanCan resource loading
- Rails: authorizing user with CanCan gem issue
- CanCan authorization issue
- Rails Authorization with CanCan Problem