Rich and CanCan

[Saicheg]

Hi!

We are using rails-admin + cancan + rich for our admin panel. So we don't have separate AdminUser model for rails-admin and use cancan role instead.

The problem is that i can't access file upload dialog. I am getting this error from cancan:

'This action failed the check_authorization because it does not authorize_resource. Add skip_authorization_check to bypass this check.'

Any ideas how i can include cancan's authorize_resource to Rich::FilesController?

[bastiaanterhorst]

Hi, You can set the authentication method that Rich uses in the initializer. You could try setting it to a custom method of your own which does whatever you need to authenticate a user.

Hope this helps!

[Saicheg]

Yeah, i see that. I will dig deeper inside how cacan handles authentication for users and submit my solution here.

[Saicheg]

@bastiaanterhorst i spent 2 hours today working on that issue and didn't find any solution for that. main reason that cancan create before_filter for checking authorization with a block instead of some method and delegate all logick to object, so you can't call it directly: See this: https://github.com/ryanb/cancan/blob/master/lib/cancan/controller_resource.rb

controller_class.send(before_filter_method, options.slice(:only, :except, :if, :unless)) do |controller|
  controller.class.cancan_resource_class.new(controller, resource_name, options.except(:only, :except, :if, :unless)).send(method)
end

Any suggestions?

[bastiaanterhorst]

@dunyakirkali do you have any idea?