Questions tagged [cancan]

The CanCan gem offers a straightforward and flexible way to define what a user can and cannot do.

CanCan is an authorization library for Ruby on Rails which restricts what resources a given user is allowed to access.

CanCan uses a model to define the abilities of a user. Inside the class you declare what a user can and cannot do by using the "can" method. From your controllers you use the "can?" method to test the current user's authorization.

As development on CanCan is no longer active, it has been continued under the new name CanCanCan.

1405 questions
5
votes
2 answers

CanCan and accessible_by give an error, that The SQL cannot be determined

I need some advice. In my controller, I have an error: "The accessible_by call cannot be used with a block 'can' definition. The SQL cannot be determined ..." Group controller code: @groups =…
justi
5
votes
1 answer

How do you write a cancan ability so can? and accessible_by both work on self referencing HABTM relation?

I am stumped on how to handle this situation using a self referencing HABTM relation, cancan, and ActiveRecord. I am trying to use accessible_by to determine a set of videos that are visible given a relationship between videos and channels, but the…
Troy
5
votes
1 answer

cancan - "can :manage, all". I haven't been able to get access to all in rails 3 app with devise

I am using "check authorization" in the application controller so every action will require a permission. I'm starting with giving me, the superadmin :=], permissions to manage all. I thought manage all would give me access to the whole app without…
Jay
5
votes
1 answer

RoutingError resulting from 'redirect_to root_url' not passing action

With a standard install of Rails_Admin using Devise for authentication and CanCan for authorization, accessing http://localhost:3000/admin as a non-admin user produces the following server log: Started GET "/admin" for 127.0.0.1 at 2011-08-09…
IanWhalen
5
votes
2 answers

Allow anonymous/guest user to "try out" functionality without registering in Rails/Devise/CanCan app

I'm developing a Rails 3 app using Devise and CanCan. The app allows anonymous (not registered) users to access some of the app, and registered users to access other parts. One aspect of the app (a yoga workout app) is that users can create Yoga…
Edward M Smith
5
votes
1 answer

Activeadmin : undefined method `access_denied'

I use rails 5.0 cancan 1.6.10 devise 4.2.0 Activeadmin I regularly have this error in newrelic : NoMethodError: undefined method `access_denied' for # In active_admin.rb i set :access_denied in the…
Jaycreation
5
votes
1 answer

Rspec, CanCan and Devise

I am starting a project and I would like to be able to test everything :) And I have some problems with CanCan and devise. For example, I have a controller Contacts. Everybody can view and everybody (except banned people) can create…
Arkan
5
votes
2 answers

Integrate Mongoid and CanCan

Has somebody tried to rewrite CanCan ActiveRecordAdditions for Mongoid http://github.com/ryanb/cancan/blob/master/lib/cancan/active_record_additions.rb Regards, Alexey Zakharov
Alexey Zakharov
5
votes
3 answers

Best way to handle multitenancy in Rails 3

I'm building a multi-tenant application. All data isolation is done by TenantID column in each table. What is the best way to automatically handle multi-tenancy for all tenant models. Example: Contacts.new({.....}) should automatically add :tenant =>…
Alexey Zakharov
5
votes
1 answer

Rails Authorization with CanCan Problem

On my rails app I have implemented AuthLogic and CanCan. However when trying to figure out if the user can manage an article (checks if he is owner through the article.user_id) with CanCan I am running into issues. This should be straightforward I…
bmck
5
votes
2 answers

CanCan skip authorization for some action

I have a problem with the CanCan gem which I can't solve. In my controller I have an action "confirm" which is a member route for the "reservations" resource. I don't want to authorize the resource by CanCan in this action so I do something like that in…
Mateusz Urbański
5
votes
3 answers

How do you add roles rolify using cancan and devise?

I get that there are a lot of questions on this subject but none have really answered what I'm looking for. I'm attempting to use rolify to define my roles in cancan, I was able to make an admin role via rails console and set the default role for…
user922592
5
votes
2 answers

How can I default an ancestral relationship with cancan to an internal node of the tree?

I am using cancan to authorize my controller actions. One of the classes where access is authorized by cancan is a tree, implemented with acts_as_ancestry. I'm having problems using load_and_authorize_resource when the user is not permitted to access…
John Naegle
5
votes
1 answer

mocking CanCan authorization while testing controllers with RSpec

Here is the Controller I want to test: class UsersController < ApplicationController load_and_authorize_resource def index @users = User.all respond_to do |format| format.html # index.html.erb format.json { render json:…
enricostn
5
votes
1 answer

Authorizing Namespaced and Nested controllers using CanCan

I am having quite a bit of trouble getting cancan to authorize my new routes setup below: namespace :api do namespace :v1 do resources :users do resources :user_songs resources :friendships resources :plays resources :likes …
nvd