TL;DR
Basically, do I have to manually call authorize! in controller actions that aren't one of the 7 RESTful defaults, or does load_and_authorize_resource still do that for me in those non-standard actions?
Longer version:
I generated a controller via rails scaffold and then added several custom actions that do some random other things.
At the top of the controller, I have load_and_authorize_resource, which I believe will call authorize! in each of the actions.
Does it do that for every single action within the controller (including the custom ones), or only those that were generated by the scaffold? (i.e. index, show, new, edit, create, update, destroy)
I see from the cancancan docs:
Setting this for every action can be tedious, therefore the
load_and_authorize_resourcemethod is provided to automatically authorize all actions in a RESTful style resource controller.
But I'm not sure if that's just the 7 originals or others the developer adds as well
