search

SammyLin / redactor-rails

This repo is deprecated. Please check out official gem for Redactor 2. https://github.com/Redactor2/redactor2_rails
MIT License
389 stars 253 forks source link

Add skip_authorization_check seems to be required... #81

Open chrxs opened 11 years ago

chrxs commented 11 years ago

I'm using the redactor-rails in an admin section for an app, when a user logs in and then can edit content.

When I try to upload an image, I get the error:

This action failed the check_authorization because it does not authorize_resource.
Add skip_authorization_check to bypass this check.

Is there a way around this? Or something I'm doing wrong?

cheers

holgersindbaek commented 11 years ago

I'm having the same issue. How can I bypass this?

holgersindbaek commented 11 years ago

@chrxs @SammyLin What did you end up doing?

Averethel commented 11 years ago

+1

holgersindbaek commented 11 years ago

@Averethel Hi Sakwerda. Do you have a temporary solution to this one?

Averethel commented 11 years ago

I ended up with quite ugly workaround. I defined: redactor_controller? method in my ApplicationController returning true for redactor controllers (it was simple checking if controller is in the redactor namespace). Then according to CanCan documentation I added `check_authorization unless: :redactor_controller? which did a trick.

Other option would be to define a module adding skip_authorization_check and include it in the base redactor controller.

Or you can disable check_authorization. After all it's only a development help so you can live without it on production.

holgersindbaek commented 11 years ago

THanks for the quick response. I'll look into it.

Should be relatively easy to fix in the real gem though. Shouldn't it?

All the best

Holger Sindbaek Holgersindbaek.com (http://Holgersindbaek.com)

Co-founder Uninkd.com (http://Uninkd.com) Meer.li (http://Meer.li)

On Monday, August 26, 2013 at 4:48 PM, Krzysztof Sakwerda wrote:

I ended up with quite ugly workaround. I defined: redactor_controller? method in my ApplicationController returning true for redactor controllers (it was simple checking if controller is in the redactor namespace). Then according to CanCan documentation I added `check_authorization unless: :redactor_controller? which did a trick.
Other option would be to define a module adding skip_authorization_check and include it in the base redactor controller. Or you can disable check_authorization. After all it's only a development help so you can live without it on production.

— Reply to this email directly or view it on GitHub (https://github.com/SammyLin/redactor-rails/issues/81#issuecomment-23267442).

Averethel commented 11 years ago

You're welcome. That's true. I guess point is that not everyone is using CanCan ;)

lucasklaassen commented 9 years ago

Has a better solution been found for this?