Can you explain why find_by_user name is different than the User.where example? I guess I don't understand why one should belong there and the other one is debatable...
Totally agreed. Writing authentication from scratch is so simple. The ugly side of Devise comes out when you start customising your app, and you spend more time fixing such issues than you would have had you written authentication from scratch.
What would be really helpful is how to extend this to handle nested resources... Has anyone extended this to use nested resources and have some guidance to share?
How do you adapt when authorization depends on a parent model when the resource is not a singleton? Say topics#index can only be accessed if the forum is public. The topics#index returns an array, not a singleton, so we can't call topics.forum.private?
Does anyone have any idea how to make this work with reserved subdomains? I want to render a StaticPages controller if no subdomain is present, or if it's a reserved one.
Originally I scoped everything through a current_account method as Ryan briefly mentioned in this episode. I only asked for the current_account if the subdomain was not reserved, or if there was no subdomain.
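```ruby
# Returns the tenant account for the request's subdomain, or nil when there is
# no subdomain or the subdomain is reserved.
def current_account
  if request.subdomain.present? && !Account.reserved_subdomain?(request.subdomain)
    @account ||= Account.find_by_subdomain!(request.subdomain)
  end
end
```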
This meant www or no subdomain can be routed to a controller of my choice. Using Ryan's approach, however, prevents the view from rendering when no subdomain is specified, or when it's reserved.
Any ideas how to get around this limitation? This is what I get, but the page is completely blank:
```
Started GET "/" for 127.0.0.1 at 2012-10-22 21:47:06 -0200
Processing by StaticPagesController#home as HTML
Completed 200 OK in 0ms (ActiveRecord: 0.0ms)
```
How did you end up solving the aggregation problem?
Did you solve this issue? I'm having the same problem.
Were you able to solve this issue? I'm running into the same problem.
Did you solve this issue?
Were you able to solve this?
Were you able to find a solution to this? I'm facing the same problem.
Can partials be cached with this approach?
Sorry for sounding obtuse, but does that solve the issue with nested properties?
Shouldn't this episode be marked as revise? Check out episode 218:
http://railscasts.com/episodes/218-making-generators-in-rails-3
I figured it out. Stupidly, my yield was inside of my if condition!
+1 for testing... if not talk about it, include some example tests in the episode source code!
In addition to this, does anyone know how we can authorise child objects based on an association of the parent? I also posted about this here:
http://stackoverflow.com/questions/12885246/authorising-child-objects-through-a-parents-association-using-cancan
The docs briefly discuss this under "Accessing parent ability" (https://github.com/ryanb/cancan/wiki/Nested-Resources) but no mention of associations is made.
Are there any gotchas for using authorize_resource as opposed to load and authorize_resource? I'm getting different behaviour, where load and authorize works, but authorize does not prevent access to a resource.
I posted a question on this: http://stackoverflow.com/questions/12860146/cancan-not-preventing-access-when-it-should
I have no clue why this is behaving in such a way!
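One known difference between the two filters, shown as an added example that is not part of the original comment and not CanCan's own code: `authorize_resource` on its own checks the ability against the model class when no instance has been loaded yet, and a class-level check does not evaluate attribute conditions. `MiniAbility`, `filter_allows?` and the sample records are hypothetical stand-ins that model this behaviour without the gem.

```ruby
# Simplified stand-in for CanCan's rule matching (assumption: not the gem's code).
Article = Struct.new(:id, :user_id)
User    = Struct.new(:id)

class MiniAbility
  def initialize(user)
    # Same intent as: can :read, Article, user_id: user.id
    @rules = [{ action: :read, klass: Article, conditions: { user_id: user.id } }]
  end

  def can?(action, subject)
    @rules.any? do |rule|
      next false unless rule[:action] == action

      if subject.is_a?(Class)
        # Class-level check: attribute conditions cannot be evaluated, so a
        # matching rule means "may read at least some Articles" and passes.
        subject == rule[:klass]
      else
        subject.is_a?(rule[:klass]) &&
          rule[:conditions].all? { |attr, value| subject.public_send(attr) == value }
      end
    end
  end
end

# Hypothetical helper modelling the before-filter: it authorizes the instance
# when one is already loaded, otherwise it falls back to the class.
def filter_allows?(ability, action, loaded_instance, klass)
  ability.can?(action, loaded_instance || klass)
end

# Constructed sample data: article 2 belongs to a different user.
ARTICLES = { 1 => Article.new(1, 10), 2 => Article.new(2, 20) }.freeze

def demo
  ability = MiniAbility.new(User.new(10))
  foreign = ARTICLES.fetch(2)
  {
    authorize_only:     filter_allows?(ability, :read, nil, Article),     # nothing loaded yet
    load_and_authorize: filter_allows?(ability, :read, foreign, Article), # instance loaded first
    explicit_check:     ability.can?(:read, foreign)                      # instance check in the action
  }
end

p demo if __FILE__ == $PROGRAM_NAME
```

With `authorize_resource` alone, the record has to be loaded before the filter runs, or `authorize!` has to be called on the instance inside the action, for per-record conditions to be enforced.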
Can you elaborate on why using attr_accessible as: :admin is a better approach than Ryan's approach?