Create a gist now

Instantly share code, notes, and snippets.

class AdminAbility
include CanCan::Ability
def initialize(user)
can :access, :dashboards
end
end
class AdminController < ApplicationController
before_filter :authenticate_user!
# before_filter do
# flash[:error] = "Unauthorised Access Denied!" unless current_user && current_user.admin?
# redirect_to '/' unless current_user && current_user.admin?
# end
enable_authorization
# rescue_from CanCan::Unauthorized do |exception|
# redirect_to root_url, :alert => exception.message
# end
def current_ability
@current_ability ||= AdminAbility.new(current_user)
end
end

Visiting /admin

CanCan::Unauthorized in Admin::DashboardController#index
You are not authorized to access this page.
namespace :admin do
root :to => 'dashboard#index'
@bsodmike
Owner

Note that DashboardController inherits from the AdminController as class Admin::DashboardController < AdminController

@ryanb

Try can :access, :dashboard instead to match the name of the controller. This is just off the top of my head, haven't experimented with this much recently.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment