cancancan
https://github.com/cancancommunity/cancancan
Ruby
The authorization Gem for Ruby on Rails.
Triage Issues!
When you volunteer to triage issues, you'll receive an email each day with a link to an open issue that needs help in this project. You'll also receive instructions on how to triage issues.
Triage Docs!
Receive a documented method or class from your favorite GitHub repos in your inbox every day. If you're really pro, receive undocumented methods or classes and supercharge your commit history.
10 Subscribers
Add a CodeTriage badge to cancancan
Help out
- Issues
- When authorize_resource is called before loading the instance, it grants access to unauthorized actions
- Support combining scopes when loading records, use Arel instead of SQL
- load_and_authorize_resource is not working properly after a before_action find
- PG::UndefinedTable: ERROR: missing FROM-clause entry for table for Polymorphic Relationship
- Use `relation.and` instead of `relation.merge` whenever possible.
- Confirm that `:manage` and `:all` also apply to `cannot`
- Cannot use MySQL UUID through binary type
- STI type in SQL set differently from actual class
- Override parent controller authorization options
- Children / sub-actions accessible even if object is unauthorized
- Docs
- Subscribe to help with docs for this repo and come back later