Merge pull request activeadmin#2462 from monfresh/patch-1

Add documentation about on_unauthorized_access option for use with CanCan
bazlo · Sep 8, 2013 · e80686f · e80686f
2 parents 67b14d2 + ec67574
commit e80686f
Showing 1 changed file with 21 additions and 0 deletions.
diff --git a/docs/13-authorization-adapter.md b/docs/13-authorization-adapter.md
@@ -181,6 +181,27 @@ To use the CanCan adapter, simply update the configuration in the Active Admin
 initializer:
 
     config.authorization_adapter = ActiveAdmin::CanCanAdapter
+
+You can also specify a method to be called on unauthorized access. This is necessary
+in order to prevent a redirect loop that can happen if a user tries to access a page
+they don't have permissions for (see [#2081](https://github.com/gregbell/active_admin/issues/2081)).
+```ruby
+config.on_unauthorized_access = :access_denied
+```    
+The method `access_denied` would be defined in `application_controller.rb`. Here is one
+example that redirects the user from the page they don't have permission to
+access to a resource they have permission to access (organizations in this case), and
+also displays the error message in the browser:
+
+```ruby
+class ApplicationController < ActionController::Base
+  protect_from_forgery
+
+  def access_denied(exception)
+    redirect_to admin_organizations_path, :alert => exception.message
+  end
+end
+```
 
 By default this will use the ability class named "Ability". This can also be
 changed from the initializer: