Reputation: 2685
I am trying to figure out how to use pundit with my rails 4 app.
I have an article policy and an article index view.
In the article policy, I have a resolve method which has scopes for different types of users.
    def resolve
      if user == @user.id
        scope.all.where(user_id: user.id)
      elsif user.has_role?(:org_approver)
        scope.to_be_reviewed
      else
        scope.in_state(:publish)
      end
    end
In my index show, I'm expecting to show each user the articles in the array depending on which category they fit into within my resolve method.
    <% policy_scope(Article).sort_by(&:created_at).in_groups_of(2) do |group| %>
      <div id="portfolioFiltering" class="masonry-wrapper row">
        <% group.compact.each do |article| %>
          <div class="col-md-4 col-md-offset-1 portfolioitem Scienza">
            <div class="portfolio-item text-
I don't get any errors, but when I log in as the user that is the author of the article, I expect to get all of the articles belonging to me (as that user). Instead, I get only the published articles (which is the last alternative in my resolve method).
Can anyone see where I've gone wrong?
Upvotes: 0
Views: 241
Reputation: 717
I believe this line is the problem:
    user == @user.id
It should be:
    user == @user
Because a User object will never be equal to an Integer object, which is what you get when you call id on a User object.
Also, take a look at the Pundit GitHub page and scroll down to the RSpec section on testing. You should always test authentication and authorization.
Upvotes: 0
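A plain-Ruby scope check in the spirit of the answer's advice to test authorization, added here as an example and not code from either poster. User, Article, ArticleScope, the `compare_to_id` switch and the sample records are constructed stand-ins for the Rails and Pundit classes, and `user` is assumed to be a reader for `@user`, as in Pundit's generated Scope.

```ruby
# Stand-ins (assumptions): not the Rails models or Pundit classes from the thread.
User = Struct.new(:id, :roles) do
  def has_role?(role)
    roles.include?(role)
  end
end
Article = Struct.new(:id, :user_id, :state)

# Same shape as a Pundit scope: built with (user, scope), exposes resolve.
class ArticleScope
  attr_reader :user, :scope

  def initialize(user, scope, compare_to_id:)
    @user = user
    @scope = scope
    @compare_to_id = compare_to_id
  end

  def resolve
    # compare_to_id: true  -> `user == @user.id` (the question's line)
    # compare_to_id: false -> `user == @user`    (the answer's line)
    own = @compare_to_id ? user == @user.id : user == @user
    if own
      scope.select { |a| a.user_id == user.id }
    elsif user.has_role?(:org_approver)
      scope.select { |a| a.state == :review }   # stand-in for to_be_reviewed
    else
      scope.select { |a| a.state == :publish }  # stand-in for in_state(:publish)
    end
  end
end

# Constructed sample data.
ARTICLES = [
  Article.new(1, 10, :draft),
  Article.new(2, 10, :publish),
  Article.new(3, 20, :review),
  Article.new(4, 20, :publish)
].freeze
AUTHOR   = User.new(10, [])
APPROVER = User.new(30, [:org_approver])

# Ids of the articles a user gets back from the scope.
def visible_ids(user, compare_to_id:)
  ArticleScope.new(user, ARTICLES, compare_to_id: compare_to_id).resolve.map(&:id)
end
```

Asserting on `visible_ids` once per user type shows which branch each user actually reaches. In this stand-in, the answer's comparison also sends the approver into the first branch, so the approver gets an empty list.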