CanCanCommunity/cancancan

Issues

• Abilities with accepts_nested_attributes

  #774 opened 2 years ago by hidr0
  1

• Can't apply rules to `create` action without affecting `new` because of aliasing

  #832 opened 7 months ago by durierem
  12

• Support Rails's `attribute` in Cancancan's `permitted_attributes`

  #838 opened 5 months ago by kalsan
  1

• Resource Loader gets ignored with Whitespace-Only ID in URL (e.g., "\n")

  #835 opened 6 months ago by Federico-G
  0

• Creating resource failes when association is polymorphic and singleton.

  #830 opened 8 months ago by ccfz
  0

• Rules for STI subclasses apply to parent classes in accessible_by

  #771 opened 2 years ago by sam-carlberg
  4

• Extra table alias is being generated, but then ignored in the final stage of an accessible_by query

  #827 opened 9 months ago by walterdavis
  1

• Granting read permission on intermediate STI table prevents any records being returned

  #810 opened a year ago by owst
  4

• Why are merged rules still bound to the merged Ability class?

  #825 opened a year ago by niuage
  0

• How to define ability action name that is same as the default action aliases?

  #824 opened a year ago by s101d1
  0

• Association is renamed in SQL and results in unknown column error

  #790 opened 2 years ago by 23tux
  2

• Possible breaking change with handling of `nil` conditions in 3.5.0

  #821 opened a year ago by CJStadler
  0

• STI normalizer fails when existing rule conditions are relation

  #794 opened a year ago by adzap
  2

• Polymorphic associations do not support computing the class

  #793 opened a year ago by chubchenko
  12

• STI parent access denied after adding cannot on child

  #768 opened 2 years ago by gryphon
  2

• can? should return false when there are no attributes that the current user can perform action on

  #816 opened a year ago by michaelcohenunsw
  0

• `can?` unnecessarily loads relationships in memory when it could leverage `accessible_by`

  #812 opened a year ago by oboxodo
  1

• inconsistent behaviour with Hash subjects

  #811 opened a year ago by christian-toscano
  0

• Selective permissions on STI sub-classes not respected by accessible_by

  #809 opened a year ago by owst
  1

• Undefined Method exception when block is passed with curly braces

  #720 opened 3 years ago by mateusfdl
  1

• Deep conditions nesting on sqlite => stack overflow

  #805 opened a year ago by NikolaiKircher
  0

• cancancan is chaninging my get request ID

  #803 opened 2 years ago by aamirk2244
  1

• Controller helper loads everything for show/edit

  #746 opened 2 years ago by Sharparam
  1

• Gemspec does not have Rails version dependency for various version of the gem

  #802 opened 2 years ago by kiransajeev
  0

• Nil values on enums fails to authorize

  #800 opened 2 years ago by patodevilla
  0

• Running dangerous :show permission when the resource name is passed and mismatch the controller name

  #791 opened 2 years ago by enmanuelm19
  3

• undefined method `#{parent_name}=' for singleton associations

  #795 opened 2 years ago by heaven
  0

• RulesCompressor is too aggressive

  #783 opened 2 years ago by c960657
  2

• ActiveRecord still used

  #742 opened 2 years ago by brilnius
  5

• Dynamically modify hash can ability

  #710 opened 2 years ago by arthurwozniak
  2

• Slowness with cancancan 3.2+

  #716 opened 2 years ago by mathieujobin
  10

• [BUG] Application crashes on Ruby 3

  #770 opened 2 years ago by mike927
  2

• PG::UndefinedTable: ERROR: missing FROM-clause entry for table for Polymorphic Relationship

  #696 opened 3 years ago by dalezak
  9

• Change Authorization Model

  #789 opened 2 years ago by danieljgp2
  1

• Extension: Multiple scoped rule definitions

  #788 opened 2 years ago by Taeir
  0

• authorize! no longer returns the authorized resource

  #787 opened 2 years ago by walterdavis
  0

• :destroy ability seems to misbehave

  #782 opened 2 years ago by stasou
  1

• Cancancan Wiki is gone

  #732 opened 3 years ago by hsonthach
  1

• When authorize_resource is called before loading the instance, it grants access to unauthorized actions

  #719 opened 3 years ago by duarme
  3

• Upgrade from 2.x to 3.x Guide

  #734 opened 3 years ago by bueti
  2

• Working with large collections

  #733 opened 3 years ago by dmke
  1

• global access to an attribute appears to grant global access to the the object as well

  #728 opened 3 years ago by nevinera
  5

• Handling soft-deletes

  #700 opened 3 years ago by gingerlime
  7

• Override loading is not preventing CanCanCan from loading it again if the previous load was nil

  #731 opened 3 years ago by pjmartorell
  0

• Assign access permissions to a model according to the role of the current_user

  #729 opened 3 years ago by francofer7
  0

• Version 3.2.2

  #715 opened 3 years ago by reedstonefood
  1

• load_and_authorize_resource is not working properly after a before_action find

  #703 opened 3 years ago by Babbz75
  7

• Cannot use MySQL UUID through binary type

  #690 opened 3 years ago by kaspernj
  0

• Checking with Class vs an instance - question not an issue.

  #681 opened 3 years ago by nfstern
  3

• This model adapter does not support fetching records from the database

  #683 opened 3 years ago by aniketstiwari
  0