@bf4
Last active October 14, 2017 15:15
Cancan, rolify, and active admin

class Ability
  include CanCan::Ability

  def initialize(user)
    user ||= User.new # guest user (not logged in)
    if user.has_role? :admin # rolify
      can :manage, :all
      can :access, :ckeditor
      # Performed checks for actions:
      can [:read, :create, :destroy], Ckeditor::Picture
      can [:read, :create, :destroy], Ckeditor::AttachmentFile
    else
      # see https://github.com/gregbell/active_admin/blob/master/docs/13-authorization-adapter.md#using-the-cancan-adapter
      cannot :manage, ActiveAdmin::Page
    end
    # Define abilities for the passed in user here. For example:
    #
    #   user ||= User.new # guest user (not logged in)
    #   if user.admin?
    #     can :manage, :all
    #   else
    #     can :read, :all
    #   end
    #
    # The first argument to `can` is the action you are giving the user permission to do.
    # If you pass :manage it will apply to every action. Other common actions here are
    # :read, :create, :update and :destroy.
    #
    # The second argument is the resource the user can perform the action on. If you pass
    # :all it will apply to every resource. Otherwise pass a Ruby class of the resource.
    #
    # The third argument is an optional hash of conditions to further filter the objects.
    # For example, here the user can only update published articles.
    #
    #   can :update, Article, :published => true
    #
    # See the wiki for details: https://github.com/ryanb/cancan/wiki/Defining-Abilities
  end
end

require 'cancan'

# Add a setting to the application to configure the ability
ActiveAdmin::Application.inheritable_setting :cancan_ability_class, "Ability"

class ActiveAdminAuthorizationAdapter < ActiveAdmin::AuthorizationAdapter
  # Deny by raising, so an unauthorized request never falls through.
  def authorized?(action, subject = nil)
    cancan_ability.can?(action, subject) || fail(CanCan::AccessDenied.new)
  end

  def cancan_ability
    @cancan_ability ||= initialize_cancan_ability
  end

  # Active Admin passes the action as a second argument (a one-argument
  # version raises the ArgumentError reported in the comment below), so
  # accept it and hand it to CanCan.
  def scope_collection(collection, action = :read)
    collection.accessible_by(cancan_ability, action)
  end

  private

  # The setting allows the class to be stored as a string
  # to enable reloading in development.
  def initialize_cancan_ability
    ability_class_name = resource.namespace.cancan_ability_class
    if ability_class_name.is_a?(String)
      ability_class = ActiveSupport::Dependencies.constantize(ability_class_name)
    else
      ability_class = ability_class_name
    end
    ability_class.new(user)
  end
end

# == User Authentication
#
# Active Admin will automatically call an authentication
# method in a before filter of all controller actions to
# ensure that there is a currently logged in admin user.
#
# This setting changes the method which Active Admin calls
# within the controller.
config.authentication_method = :authenticate_user!
# https://github.com/gregbell/active_admin/blob/master/lib/active_admin/authorization_adapter.rb
# https://github.com/gregbell/active_admin/blob/master/docs/13-authorization-adapter.md
# https://github.com/gregbell/active_admin/blob/master/lib/active_admin/application.rb
require Rails.root.join('lib/active_admin_authorization_adapter')
config.authorization_adapter = 'ActiveAdminAuthorizationAdapter'
# config.cancan_ability_class = "Ability"
# config.namespace :admin do |ns|
#   ns.authorization_adapter = "AdminAuthorization"
# end
# class OnlyAdmins < ActiveAdmin::AuthorizationAdapter
#   def authorized?(action, subject = nil)
#     user.admin?
#   end
# end

rescue_from CanCan::AccessDenied do |exception|
  redirect_to root_path, :alert => exception.message
end

# role = 'admin'
# Role.find_or_create_by_name({ :name => role }, :without_protection => true)
# user.add_role :admin

class User < ActiveRecord::Base
  rolify
end

saroar commented Oct 14, 2017

ArgumentError (wrong number of arguments (given 2, expected 1)):

lib/active_admin_authorization_adapter.rb:15:in `scope_collection'
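
An added example, not part of the gist or of the comment above: a plain-Ruby check that flags an adapter override whose signature is narrower than its parent's, which is the condition behind an ArgumentError like the one reported. `BaseAdapter` is a stand-in that assumes the two-argument `scope_collection` call; `OneArgAdapter`, `TwoArgAdapter`, `positional_range` and `incompatible_overrides` are hypothetical names constructed for the illustration.

```ruby
# Stand-in for ActiveAdmin::AuthorizationAdapter (assumption: it mirrors the
# two-argument scope_collection call that raised the error above).
class BaseAdapter
  def authorized?(action, subject = nil)
    true
  end

  def scope_collection(collection, action = :read)
    collection
  end
end

# Constructed sample: same shape as an override written against an older API.
class OneArgAdapter < BaseAdapter
  def authorized?(action, subject = nil)
    false
  end

  def scope_collection(collection)
    collection
  end
end

# Constructed sample: override that keeps the parent's signature.
class TwoArgAdapter < BaseAdapter
  def scope_collection(collection, action = :read)
    collection
  end
end

# [minimum, maximum] number of positional arguments a method accepts.
def positional_range(meth)
  kinds = meth.parameters.map(&:first)
  min = kinds.count(:req)
  max = kinds.include?(:rest) ? Float::INFINITY : min + kinds.count(:opt)
  [min, max]
end

# Names of methods in klass that cannot take every call its parent accepts.
def incompatible_overrides(klass)
  parent = klass.superclass
  own = klass.instance_methods(false) + klass.private_instance_methods(false)
  own.select do |name|
    next false unless parent.method_defined?(name) || parent.private_method_defined?(name)
    base_min, base_max = positional_range(parent.instance_method(name))
    min, max = positional_range(klass.instance_method(name))
    min > base_min || max < base_max
  end.sort
end
```

Run against the real adapter class in a test suite, a non-empty result points at the override to widen before the framework calls it in production.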
