Authorizing resource through another fails with multiple joins in Rails 3.1rc6

[mattmueller]

Setup: a place habtm clients (pure join table), a client account has many clients.

Client Account Abilities defined like this:

can :manage, Place, :clients => { :id => client_ids }
can :manage, Client, :client_account_id => client_account.id

Authorizing like this:

before_filter :check_authenticate_user
load_and_authorize_resource :client
load_and_authorize_resource :place, :through => :client

The index action is using an invalid query:

PGError: ERROR:  table name "clients_places" specified more than once
: SELECT COUNT(*) FROM "places" INNER JOIN "clients_places" ON "clients_places"."place_id" = "places"."id" INNER JOIN   "clients" ON "clients"."id" = "clients_places"."client_id" INNER JOIN "clients_places" ON "places"."id" =   "clients_places"."place_id" WHERE "clients_places"."client_id" = 2 AND ('t'='t')

This was working fine in 3.0.9.

[jaredbeck]

Can you try the most recent version of cancan (currently 1.6.10) to see if your issue has been resolved?

This is one of the oldest CanCan issues with no discussion. CanCan is struggling right now to implement support for rails 4, and the issue count is nearing 200. It would be a big help if we could close a few old issues and get the issue count down. Thanks!

[xhoy]

Thanks for your submission! The ryanb/cancan repository has been inactive since Sep 06, 2013. Since only Ryan himself has commit permissions, the CanCan project is on a standstill.

CanCan has many open issues, including missing support for Rails 4. To keep CanCan alive, an active fork exists at cancancommunity/cancancan. The new gem is cancancan. More info is available at #994.

If your pull request or issue is still applicable, it would be really appreciated if you resubmit it to CanCanCan.

We hope to see you on the other side!