Open jmaniv opened 11 years ago
Thanks for your submission! The ryanb/cancan repository has been inactive since Sep 06, 2013. Since only Ryan himself has commit permissions, the CanCan project is on a standstill.
CanCan has many open issues, including missing support for Rails 4. To keep CanCan alive, an active fork exists at cancancommunity/cancancan. The new gem is cancancan. More info is available at #994.
If your pull request or issue is still applicable, it would be really appreciated if you resubmit it to CanCanCan.
We hope to see you on the other side!
I am using cancan 1.6.8 in my application
ApplicationController.rb
routes.rb
models/project.rb
ability.rb
tasks_controller.rb
url: http://localhost:3000/projects/2/tasks/1
Problem: CanCan doesn't authorize for nil object that means CanCan doesn't redirect to rootpath even @task object(@project.task)_ is nil (cancan allows to access show method). this happen only for singleton. I tested with has_many association(project has_many tasks) and redirecting with record not found exception.I fixed this issue by calling
authorize! :read, @task
manually inside my show method then only cancan redirecting to root_path but I have already loadedload_and_authorize_resource :task
in beginning of my TasksController.How does CanCan authorize nil object ?