1 vote

Using CanCan for authorization and Devise for authentication. I have three roles. The admin role has access to all actions. But when I am logged in as an admin, I still get Access Denied. What am I doing wrong? Also, I have been following this wiki for the implementation.

This is my controller code

class LocationController < ApplicationController
  #before_filter :authenticate, :only => [:title_clearing]
  before_filter :authenticate_user!
  # CanCan: loads @location and calls authorize!(:show, @location) before #show runs
  load_and_authorize_resource

  def show
    @data = []
    # .to_s guards against a missing :Date param (nil has no #match)
    if params[:Date].to_s.match(/^(19|20)\d\d[- \/.](0[1-9]|1[012])[- \/.](0[1-9]|[12][0-9]|3[01])$/).nil?
      @message = "Wrong Date Format"
    else
      @data = Location.show(params[:Date])
      if @data.size == 0
        @message = "No data exists for " + params[:Date]
      else
        @message = "Data loaded successfully for " + params[:Date]
      end
    end

    # "all" never matches the date regexp, so this overrides the message set above
    if params[:Date] == "all"
      @message = "All records loaded"
      @data = Location.show("all")
    end
  end
end

In the ability.rb

if user.is? :admin
  can :all, :location
end
if user.is? :titleclearing
  can :title_clearing, :location
end
if user.is? :acquisitions
  cannot :title_clearing, :location
end

In the user model

def role?(role)
  roles.include? role.to_s
end

3 Answers

1 vote

Use the proper CanCan convention:

if user.is? :admin
  can :manage, Location
end

Or, you can manage all:

can :manage, :all
1 vote

Maybe this is because of Ability Precedence. With your definition in ability.rb, I think:

  • A user with the acquisitions role inherits the abilities of users with the titleclearing and admin roles.
  • A user with the titleclearing role inherits the abilities of users with the admin role.

So, as you said, "now everyone's being let through", because all users now have the abilities of admin. Try changing the order of the abilities like this:

if user.is? :titleclearing
  can :title_clearing, :location
end
if user.is? :acquisitions
  cannot :title_clearing, :location 
end
if user.is? :admin
  can :all, :location 
end

and check if it works like you want.

0 votes

Try this:

if user.is? :admin
  can :manage, :location
end

From the wiki:

You can pass :manage to represent any action and :all to represent any object.
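Added example, not from the question or any of the answers and not the cancan gem itself: a small Ruby stand-in for CanCan's rule matching, written here to show the two points the answers make side by side. The first point (answers 1 and 3) is that `:all` is only special as a subject and `:manage` only as an action, and that the symbol `:location` is not the same subject as the `Location` class that `load_and_authorize_resource` authorizes against. The second point (answer 2) is precedence: when several rules match, the one defined last decides. `ToyAbility`, `User` and the empty `Location` class are constructed for this example; `question_ability` mirrors the question's ability.rb and `fixed_ability` the convention the answers recommend.

```ruby
# Minimal stand-in for CanCan's Ability rule matching (NOT the cancan gem).
# Modelled behaviour:
#   * rules are checked from the last defined to the first; the first match decides,
#     so later definitions override earlier ones;
#   * :manage as the action matches any action, :all as the subject matches any subject;
#   * a Class subject matches the class itself and its instances, while a Symbol
#     subject (e.g. :location) only matches that same symbol.

Rule = Struct.new(:base_behavior, :action, :subject)

class ToyAbility
  def initialize
    @rules = []
  end

  def can(action, subject)
    @rules << Rule.new(true, action, subject)
  end

  def cannot(action, subject)
    @rules << Rule.new(false, action, subject)
  end

  # Returns true only if the most recently defined matching rule is a `can` rule.
  def can?(action, subject)
    rule = @rules.reverse.find { |r| matches_action?(r, action) && matches_subject?(r, subject) }
    rule ? rule.base_behavior : false
  end

  private

  def matches_action?(rule, action)
    rule.action == :manage || rule.action == action
  end

  def matches_subject?(rule, subject)
    return true if rule.subject == :all
    return subject == rule.subject || subject.is_a?(rule.subject) if rule.subject.is_a?(Class)
    rule.subject == subject
  end
end

# Constructed stand-ins for the question's model and user (no database, no Devise).
class Location; end

User = Struct.new(:roles) do
  def is?(role)
    roles.include?(role.to_s)
  end
end

# The question's original ability.rb: :all as the ACTION and :location as a Symbol.
def question_ability(user)
  ToyAbility.new.tap do |a|
    a.can :all, :location if user.is? :admin
    a.can :title_clearing, :location if user.is? :titleclearing
    a.cannot :title_clearing, :location if user.is? :acquisitions
  end
end

# The convention the answers recommend: :manage as the action, the Location class as subject.
def fixed_ability(user)
  ToyAbility.new.tap do |a|
    a.can :manage, Location if user.is? :admin
    a.can :title_clearing, Location if user.is? :titleclearing
    a.cannot :title_clearing, Location if user.is? :acquisitions
  end
end

# Precedence: same roles, two definition orders; the rule defined last wins.
def title_clearing_allowed?(user, acquisitions_first:)
  a = ToyAbility.new
  grant = -> { a.can :title_clearing, Location if user.is? :titleclearing }
  deny  = -> { a.cannot :title_clearing, Location if user.is? :acquisitions }
  acquisitions_first ? (deny.call; grant.call) : (grant.call; deny.call)
  a.can?(:title_clearing, Location)
end

if __FILE__ == $0
  admin = User.new(%w[admin])
  puts question_ability(admin).can?(:show, Location)   # false: :all is not an action alias
  puts fixed_ability(admin).can?(:show, Location)      # true
  both = User.new(%w[titleclearing acquisitions])
  puts title_clearing_allowed?(both, acquisitions_first: false) # false: cannot defined last
  puts title_clearing_allowed?(both, acquisitions_first: true)  # true: can defined last
end
```

The admin in `question_ability` does hold an ability, but it is the literal action `:all` on the symbol `:location`, which never matches the `authorize!(:show, @location)` call that `load_and_authorize_resource` makes, hence Access Denied for an admin. The precedence helper shows why reordering rules changes the outcome for a user who holds more than one role: with `cannot` defined after `can`, the denial wins, and vice versa.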