I use CanCan for permissions in my Rails application, in which I created my own engine for some common form functions. I would like to block access rights in my system so that users cannot freely access the actions of my controllers. These controllers, for the most part, simply use 7 REST actions, so I would like to use the CanCan load_and_authorize_resource at the top of each controller.
However, when I write my code as follows:
module MyEngine class FormController < ApplicationController load_and_authorize_resource ... end end
I get this error:
uninitialized constant Form
I assume that the automatic loader in load_and_authorize_resource bound to my MainApp namespace and does not recognize that I am calling it in a different namespace, but also a call like Form.find(params[:id]) , not MyEngine::Form.find(params[:id]) .
If so, how can I fix it? This is not a huge deal because authorize! it still works correctly, so I can define authorization in each action individually, but it would be much cleaner if I could use the load_and_authorize_resource method.
source share