CanCan/Rolify gives incorrect Ability results

Question

Given the following Ability;

class Ability
  include CanCan::Ability
   def initialize(user)
    user ||= User.new # guest
    if user.has_role? :project_lead
      can :read, Project, :id => Project.with_role(:project_lead, user).pluck(:id)
    end
  end
end

Why do I get false for this user's ability to :read the project?

>>u=User.find_by_login("test")
>>p=Project.find(1)
>>u.add_role :project_lead, p
>>u.roles
[#<Role id: 10035, name: "project_lead", resource_id: 1, resource_type: "Project", created_at: "2013-11-28 09:18:58", updated_at: "2013-11-28 09:18:58">]

>>a=Ability.new(u)
>>a.can? :read, p
false

I've noticed that when initialising the Ability, the WHERE clause ends with:

AND (((roles.name = 'project_lead') AND (roles.resource_type IS NULL) AND (roles.resource_id IS NULL)))

Shouldn't it read 'AND (((roles.name = 'project_lead') AND (roles.resource_type ='Project') AND (roles.resource_id = 1)))' ?

Answer 1

Solved this one by correctly configuring the relationship between user and role. Only took me 4 months.