I have routes.rb:

resource :account, :only => [:show, :update]

In my ability.rb, I have

can :read, Account, :id => user.account_id

I have defined def update and def show functions in my AccountsController.

This configuration gives me a 403 Access denied error when I do a GET request for /account. But if I change my ability.rb to

can :manage, Account, :id => user.account_id

it works fine. Any reason why my :show function is not being mapped to :read?

Rajat

1 Answer

All right, I figured out what the problem was. So the deal was that I was calling CanCan's authorize! function myself for some constraints on my code, and I was passing something like

authorize!("show", @class_obj)

But actually CanCan expects a symbol, so the right call should be

authorize!(:show, @class_obj)

which can be achieved like this:

authorize!("show".intern, @class_obj)
Rajat
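Why the string is denied under `can :read` yet allowed under `can :manage`, as an added example (not from the original post and not CanCan's own code): a simplified model of the action matching, assuming CanCan's default aliases (`:read` covers `:index` and `:show`) and that `:manage` matches any action. `ALIASES`, `rule_allows?`, `KNOWN_ACTIONS` and `normalize_action` are hypothetical names.

```ruby
# Simplified model of CanCan-style action matching (assumption: this mirrors
# the gem's behaviour in outline; it is not the gem's source).
ALIASES = {
  read:   [:index, :show],
  create: [:new],
  update: [:edit]
}.freeze

# Expand a granted action into itself plus every action it aliases.
def expand(action)
  [action] + ALIASES.fetch(action, []).flat_map { |a| expand(a) }
end

# A rule applies when it grants :manage, or when the expanded list contains
# the requested action. Array#include? compares with ==, and "show" == :show
# is false, so a String action never matches an aliased Symbol.
def rule_allows?(granted, requested)
  expanded = expand(granted)
  expanded.include?(:manage) || expanded.include?(requested)
end

# Hypothetical call-site helper: map the input onto a fixed allowlist of
# symbols instead of interning whatever arrives, and fail closed otherwise.
KNOWN_ACTIONS = %i[index show new create edit update destroy].freeze

def normalize_action(action)
  KNOWN_ACTIONS.find { |known| known.to_s == action.to_s } or
    raise ArgumentError, "unknown action: #{action.inspect}"
end

if __FILE__ == $PROGRAM_NAME
  puts rule_allows?(:read, :show)                     # symbol matches the alias
  puts rule_allows?(:read, "show")                    # string does not match
  puts rule_allows?(:manage, "show")                  # :manage short-circuits
  puts rule_allows?(:read, normalize_action("show"))  # normalised string matches
end
```

The mismatch fails closed (a 403 rather than unintended access), but it is masked as soon as the rule is widened to `:manage`, which grants more than `:read` was meant to.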