Declarative authorization with nested resources

I'm coming here as a last resort, tried everything.Its just not working. So here goes.

Here is my authorization code:

role :department_admin do
#Department has many users through designations  
  has_permission开发者_如何转开发_on [:departments], :to => [:manage] do
    if_attribute :designations => contains {user.designation}
  end
  has_permission_on :users, :to => [:read]
  has_permission_on :users, :to => [:create, :update, :destroy] do
    if_permitted_to :manage, :department
  end

My Controller code for departments:

filter_resource_access
#and the rest

And in users_controller :

filter_resource_access :nested_in => :departments
# and the rest

I'm trying to follow the pattern used in the example app given on the declarative_authorization github page, but in vain.

So with this configuration when I try to create a new user

I get

Couldn't find Department without an ID

Any head's up or a tip could really help.