What is the best way to bypass devise authorization for a specific record marked public

Question

I\'m using devise and cancan in a Rails 3.2 project. I have an event model with a boolean flag public. If the event is marked as public

Answer 1

No, do not skip authentication. You want to skip authorization. A better solution would be to explicitly authorize events with public => true.

In your cancan ability class:

can :read, Event do |e|
  some_other_authorization_boolean || e.public?
end

This ability would be given to all users; even ones that are not logged in.