forked from ryanb/cancan
-
Notifications
You must be signed in to change notification settings - Fork 0
Devise
matfiz edited this page Mar 14, 2013
·
3 revisions
You can bypass Cancan 2.0's authorization for Devise controllers similar to Cancan 1.6:
class ApplicationController < ActionController::Base
protect_from_forgery
check_authorization :unless => :devise_controller?
endIt may be a good idea to specify the rescue from action:
rescue_from CanCan::AccessDenied do |exception|
if current_user.nil?
session[:next] = request.fullpath
puts session[:next]
redirect_to login_url, :alert => "You have to log in to continue."
else
#render :file => "#{Rails.root}/public/403.html", :status => 403
if request.env["HTTP_REFERER"].present?
redirect_to :back, :alert => exception.message
else
redirect_to root_url, :alert => exception.message
end
end
end