dp.cx blog

Posted on

Filed under rails, cancan, and devise

We're migrating capabilities to a centralized location, which happens to be Rails based. All of the resources are protected with CanCan and Devise, but I needed a single controller method to not be protected.

Disabling the CanCan portion was easy:

skip_authorize_resource :only => :uri

Disabling Devise took a bit more work:

skip_authorize_resource :only => :uri

Now, requests to the :uri method won't need to be authenticated.