Add cancancan to admins

app/controllers/admins_controller.rb

@@ -1,6 +1,8 @@
 require 'csv'
 class AdminsController < ApplicationController
+
   def schulden
+    authorize! :schulden, :admins
     @users = User.all
     respond_to do |format|
       format.csv do

app/controllers/application_controller.rb

@@ -4,6 +4,11 @@ class ApplicationController < ActionController::Base
   protect_from_forgery with: :exception
   before_action :configure_permitted_parameters, if: :devise_controller?
 
+  rescue_from CanCan::AccessDenied do |exception|
+    flash[:error] = exception.message
+    redirect_to root_path
+  end
+
   def after_sign_in_path_for(resource)
     root_path
   end

app/models/ability.rb

@@ -5,6 +5,7 @@ class Ability
     user ||= User.new # guest user (not logged in)
     if user.admin?
       can :manage, :all
+      can :schulden, :admins
     else
       can :read, :all
     end

app/views/devise/sessions/new.html.erb

@@ -1,4 +1,6 @@
 <h2>Sign in</h2>
+<%= render partial: 'flash' %>
+
 <div class="sign-in">
   <%= form_for(resource, :as => resource_name, :url => session_path(resource_name)) do |f| %>