Prefixed params key used in load_resource, mountable engine

[wittfeldt]

I found an issue with load_resource when used in a mountable engine controllers. In the create action, CanCan uses "engine_foo" instead of "foo" when fetching from params which results in an empty model instance.

The engine isolate_namespace applies some magic to form builders which hides the fact that the model is namespaced. I guess CanCan should follow this convention?

[alex-handley]

@wittfeldt did you find a fix for this?

[wittfeldt]

Just a temporary fix for now, in my engine class:

# Monkey patch CanCan so that it uses xxx instead of itc_xxx as params key
config.to_prepare do
  CanCan::ControllerResource.class_eval do
    def resource_params_by_namespaced_name
      @params[extract_key(name)]
    end
  end
end

[alex-handley]

Thanks, I will take a look and see if I can solve this.

[alex-handley]

Hi @wittfeldt I made this demo app and it seems to work ok, have you got things setup differently?

https://github.com/alex-handley/cancan-engines-naming-issue-910

[wittfeldt]

Thanks for investigating this (and sorry for the late followup) The demo app is similar to what I'm doing, however my app is completely "empty" except for the ability.rb class. I.e everything including the cancan dependency and User model is defined in the engine. I'll experiment a bit more and see if I can find a solution that doesn't require the monkey patch.

[wittfeldt]

Now I understand why the demo app works. Cancan's load_resource actually fails to do its job (as in my app) but your're also assigning params data manually in your controller actions (which I don't)

Try commenting out row 47 in PostsController and create a new Post. It will be empty because CanCan tries to populate it using "blog_post" params key...

[alex-handley]

Hey, sorry been busy at work. Have you tried the latest release of cancan?