Authorizing Namespaced and Nested controllers using CanCan
Found out the answer: It was the namespace after all, it just needed a
can :access, "api/v1/likes"
CanCan: load_and_authorize_resource in namespace other than that of MainApp
It seems to be a bug in CanCan::ControllerResource#namespace
:
def namespace
@params[:controller].split("::")[0..-2]
end
As you see, it tries to split controller path by ::
but it comes in the form of my_engine/my_controller
.
So the fix is dumb simple:
def namespace
@params[:controller].split("/")[0..-2]
end
Wonder how they could miss such a stupid bug for so long. Shall send them a pull request.
P.S. Have just signed up to answer 8)
Devise, cancan, and namespace routes
With plain cancan I think the only option would be to override all behavior:
can do |action, subject_class, subject|
# custom logic to allow or deny permission
end
They show an example of this here: https://github.com/ryanb/cancan/wiki/Abilities-in-Database
The other option would be use the cancan_namespace
gem: https://github.com/galetahub/cancan_namespace
Cancancan: set authorization for all controllers
Yes you can. See this link
class ApplicationController < ActionController::Base
check_authorization
end
How to manage permissions with CanCan on namespaced web app?
Problem solved with this solution:
https://github.com/ryanb/cancan/wiki/Authorization-for-Namespaced-Controllers
Related Topics
What Orm to Use in One Process Multiple Db Connections Sinatra Application
Updating from Rails 4.0 to 4.1 Gives SASS-Rails Railties Version Conflicts
Rails 4 Error with Every Command "'Load': No Implicit Conversion of Nil into String" (MAC Os X 10.9)
How Does Count Method Works in Ruby
What's the Best Way to Return an Enumerator::Lazy When Your Class Doesn't Define #Each
Ssl_Connect Error When Accessing Shopify API with Rubygem
How to Create a Custom Method for the Rails Console
Fileutils.Mv Throwing Invalid Char \302 and \255 Exception
Rails 4 Many to Many Association Not Working
How to Capture a Part of a Screen Using Ruby on Windows
Ruby on Rails Active Admin Has_Many Changing Dropdown to Use a Different Column
How to Make a Ruby Script Using Trollop for Command Line Parsing
Error Creating Rails Db Using Rake Db:Create
Using Watir to Check for Bad Links
Changing Http Status Message Using Sinatra