admin_ability.rb
class AdminAbility
  include CanCan::Ability

  def initialize(user)
    can :access, :dashboards
  end
end
admin_controller.rb
class AdminController < ApplicationController
  before_filter :authenticate_user!
  # before_filter do
  #   flash[:error] = "Unauthorised Access Denied!" unless current_user && current_user.admin?
  #   redirect_to '/' unless current_user && current_user.admin?
  # end

  enable_authorization
  # rescue_from CanCan::Unauthorized do |exception|
  #   redirect_to root_url, :alert => exception.message
  # end

  def current_ability
    @current_ability ||= AdminAbility.new(current_user)
  end
end
error.md

Visiting /admin

CanCan::Unauthorized in Admin::DashboardController#index
You are not authorized to access this page.
routes.rb
namespace :admin do
  root :to => 'dashboard#index'
end

Note that DashboardController inherits from the AdminController as class Admin::DashboardController < AdminController

Try can :access, :dashboard instead to match the name of the controller. This is just off the top of my head, haven't experimented with this much recently.
