As you have configured ActiveAdmin to use the :access_denied method on unauthorized access, you need to define this method in application_controller.rb and redirect the user from the page they don't have permission to access to a resource they have permission to access. You may also display the error message in the browser. A typical example:
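
    class ApplicationController < ActionController::Base
      protect_from_forgery with: :exception

      # Invoked on unauthorized access; sends the user back to the
      # admin root and shows the error message as a flash alert.
      def access_denied(exception)
        redirect_to admin_root_path, alert: exception.message
      end
    end
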
An example of redirecting to the home page for HTML requests and returning 403 Forbidden for JSON requests:
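
    def access_denied(exception)
      respond_to do |format|
        # JSON clients get a bare 403 response with no body.
        format.json { head :forbidden, content_type: 'text/html' }
        # HTML clients are redirected to the main application's home page.
        format.html { redirect_to main_app.root_url, notice: exception.message }
      end
    end
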
If you prefer to return the 403 Forbidden HTTP code, create a public/403.html file and render it like so:

    def access_denied(exception)
      # Serve the static 403 page without the application layout.
      render file: Rails.root.join('public', '403.html'),
             status: 403,
             layout: false
    end