When using the CanCan adapter in ActiveAdmin 0.6.0, I have a resource working and authorization is working. However, when I go to /admin, the root ActiveAdmin page, it redirects to /admin and continues this forever.
If the user does not have access to a page, ActiveAdmin redirects to the Dashboard. If the user doesn't have access to the dashboard, this results in an infinite redirect.
The solution is to give the user the ability to read the dashboard page. Place this in the ability model object:
can :read, ActiveAdmin::Page, :name => "Dashboard"
This is mentioned in the authorization adapter documentation, but the infinite redirect seems to be caused by a bug in ActiveAdmin. It is neither raising a CanCan::AccessDenied, nor displaying a message to the user. At the least, it should display a message in development to help troubleshoot this issue. But it does not currently.
You can use the config.on_unauthorized_access config option as described here.
# You can also specify a method to be called on unauthorized
# access. This is necessary in order to prevent a redirect
# loop that can happen if a user tries to access a page they
# don't have permissions for
# (see [#2081](https://github.com/gregbell/active_admin/issues/2081)).
config.on_unauthorized_access = :render_403
The method access_denied would be defined in application_controller.rb. Here is one example that redirects the user from the page they don't have permission to access to a resource they have permission to access (organizations in this case), and also displays the error message in the browser:
class ApplicationController < ActionController::Base
  def access_denied(exception)
    redirect_to admin_organizations_path, :alert => exception.message
  end
end
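The redirect behaviour both answers describe, modelled in plain Ruby as an added example (not ActiveAdmin code and not from the original posts). Page names, role sets and the helpers resolve and looping_roles are constructed for illustration; the model goes slightly beyond the posts by auditing every role for a denial path that never terminates.

```ruby
# Plain-Ruby model of the denial flow described above; not ActiveAdmin's implementation.
require "set"

FALLBACK = "Dashboard" # page denied users are redirected to, per the first answer

# Default behaviour described in the first answer: every denial redirects to the dashboard.
REDIRECT_TO_DASHBOARD = ->(_page) { [:redirect, FALLBACK] }
# Terminal handler: respond with 403 instead of redirecting.
RENDER_403 = ->(_page) { [:forbidden, nil] }

# Follows one request through authorization until it ends.
# readable: Set of page names the user may read (stand-in for the CanCan ability).
# Returns [:ok, page], [:forbidden, page] or [:redirect_loop, page].
def resolve(page, readable, on_denied, max_hops: 10)
  seen = Set.new
  max_hops.times do
    return [:ok, page] if readable.include?(page)
    # Set#add? returns nil when the page was already denied once: that is the loop.
    return [:redirect_loop, page] unless seen.add?(page)
    action, target = on_denied.call(page)
    return [:forbidden, page] if action == :forbidden
    page = target
  end
  [:redirect_loop, page]
end

# Audit helper: names of roles whose denial path never terminates.
def looping_roles(roles, on_denied, start: FALLBACK)
  roles.select { |_name, readable| resolve(start, readable, on_denied).first == :redirect_loop }.keys
end

# Constructed roles: "editor" lacks the Dashboard rule, "manager" has it.
ROLES = {
  "editor"  => Set["Organization"],
  "manager" => Set["Organization", "Dashboard"],
}

if __FILE__ == $PROGRAM_NAME
  puts "loops with redirect handler: #{looping_roles(ROLES, REDIRECT_TO_DASHBOARD).inspect}"
  puts "loops with 403 handler:      #{looping_roles(ROLES, RENDER_403).inspect}"
end
```

Running the same audit over an application's real role definitions shows which roles still need the Dashboard read rule when the redirecting handler is kept.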