Add cancan authorization in all main urls

app/controllers/admin/base_controller.rb

@@ -1,5 +1,6 @@
 class Admin::BaseController < ApplicationController
 
+  skip_authorization_check
   before_filter :verify_administrator
 
   private

app/controllers/application_controller.rb

@@ -1,6 +1,9 @@
 require "application_responder"
 
 class ApplicationController < ActionController::Base
+
+  check_authorization unless: :devise_controller?
+
   self.responder = ApplicationResponder
   respond_to :html
 

app/controllers/moderation/base_controller.rb

@@ -1,5 +1,6 @@
 class Moderation::BaseController < ApplicationController
 
+  skip_authorization_check
   before_filter :verify_moderator
 
   private

app/models/ability.rb

@@ -7,7 +7,7 @@ class Ability
 
     if user # logged-in users
       can [:read, :create, :vote], Debate
-      can :edit, Debate do |debate|
+      can :update, Debate do |debate|
         debate.editable_by?(user)
       end