Join GitHub today
GitHub is home to over 50 million developers working together to host and review code, manage projects, and build software together.
Sign uphash_condition_match returns nil when subject is ActiveRecord Collection Proxy #536
Comments
|
I'm still struggling to isolate exactly why Edit: Turns out using |
|
can you provide a gist to reproduce your issue? Is not clear to me, sorry. |
|
Here is a reproduction of the issue: https://github.com/laurawatson/can_can_check. In this reproduction, the issue occurs when you first login as an adviser user and try to access the foo show page. It will redirect you to the home page despite the adviser user having access to foo. If you then head back to the foo show page you will be allowed in (more info in the readme). |
|
@coorasse We're currently effectively having to inline our ActiveRecord conditions to avoid this bug. We suspect it's some unusual interaction between ActiveRecord lazy loading and this gem but I have been unable to diagnose it further than that Would you be so kind as to confirm if you see the same issue as us in the example repo linked by @laurawatson above? If it is at least a confirmed bug then we may be able to put some time aside to help fix it, until then all we can do is assume it's our mistake and not use this gem. |
|
I confirm that I see the same behaviour. |
|
changing the rule |
|
And the user can also see |
When the subject is an
ActiveRecord_Associations_CollectionProxy(ActiveRecord::Relation), the inner_foo value is true, but the outer_foo value is nil as seen below;This is because it calls this method instead of array's
any?:https://api.rubyonrails.org/classes/ActiveRecord/Associations/CollectionProxy.html#method-i-any-3F
System configuration
Rails version:
5.2.0
Ruby version:
2.5.1
CanCanCan version
2.3.0