ruby on rails - How do I resolve: Pundit::NotDefinedError in PostsController#show? -

-

whenever run below program , try view posts (in show view) user, introduced error page:

pundit::notdefinederror in postscontroller#show unable find policy of nil

within error page:

def show     @post = post.find(params[:id])     authorize @posts                 # <- error highlights line   end

i'm not sure how around dilemma i'm learning pundit policy rules , new rails , ruby. appreciated. below policy pages , related pages:

user.rb model

class user < activerecord::base   # include default devise modules. others available are:   # :confirmable, :lockable, :timeoutable , :omniauthable   devise :database_authenticatable, :registerable,   :recoverable, :rememberable, :trackable, :validatable, :confirmable    has_many :posts    def admin?     role == 'admin'   end    def moderator?     role == 'moderator'   end    def member?     role == 'member'   end    def guest?     role == 'guest'   end end

application controller

    class applicationcontroller < actioncontroller::base       # prevent csrf attacks raising exception.       # apis, may want use :null_session instead.       include pundit       protect_from_forgery with: :exception       before_action :configure_permitted_parameters, if: :devise_controller?        rescue_from pundit::notauthorizederror |exception|         redirect_to root_url, alert: exception.message       end        protected        def configure_permitted_parameters         devise_parameter_sanitizer.for(:sign_up) << :name       end     end

posts controller

    class postscontroller < applicationcontroller     #  before_action :flash_attack      #  protected       #  def flash_attack     #    flash[:notice] = "create/edit/comment on post!"     #  end        def index         @posts = post.all         authorize @posts       end        def show         @post = post.find(params[:id])         authorize @posts       end        def new         @post = post.new         authorize @post       end        def create         @post = current_user.posts.build(params.require(:post).permit(:title, :body))         authorize @post         if @post.save           flash[:notice] = "post saved."           redirect_to @post         else           flash[:error] = "there error saving post. please try again."           render :new         end       end        def edit         @post = post.find(params[:id])         authorize @post       end        def update         @post = post.find(params[:id])         authorize @post         if @post.update_attributes(params.require(:post).permit(:title, :body))           flash[:notice] = "post updated."           redirect_to @post         else           flash[:error] = "there error saving post. please try again."           render :edit         end       end     end

application policy

class applicationpolicy   attr_reader :user, :record    def initialize(user, record)     @user = user     @record = record   end    def index?     false   end    def show?     scope.where(:id => record.id).exists?   end    def create?     user.present?   end    def new?     create?   end    def update?     user.present? && (record.user == user || user.admin?)    end    def edit?     update?   end    def destroy?     update?   end    def scope     record.class   end    class scope     attr_reader :user, :scope      def initialize(user, scope)       @user = user       @scope = scope     end      def resolve       scope     end   end end

posts policy

    class postpolicy < applicationpolicy       class scope < scope         def resolve           if user.admin?             scope.all           else             scope.where(:published => true)           end         end        def index?         true       end        def show?         true       end       def update?         user.admin? or not post.published?       end     end     end

index view

    <h1>all posts</h1>      <% if policy(post.new).create? %>     <%= link_to "new post", new_post_path, class: 'btn btn-success' %>     <% end %>      <% @posts.each |post| %>       <div class="media">           <div class="media-body">             <h4 class="media-heading">               <%= link_to post.title, post %>             </h4>             <small>               submitted <%= time_ago_in_words(post.created_at) %> ago <%= post.user.name unless post.user.nil? %><br>               <%= post.comments.count %> comments             </small>         </div>     </div>     <% end %>

show view

<h1> <%= @post.title %> </h1>  <% if policy(@post).edit? %> <%= link_to "edit", edit_post_path(@post), class: 'btn btn-success' %> <% end %>  <p> <%= @post.body %> </p>

thanks in advance everyone. let me know if more information great.

@posts nil in show action, should use @post such:

authorize @post

Comments

Post a Comment

Popular posts from this blog

python - How to create jsonb index using GIN on SQLAlchemy? -

-
here's current code creating index jsonb. index("mytable_data_idx_id_key", mytable.data['id'].astext, postgresql_using='gin') but got error. sqlalchemy.exc.programmingerror: (psycopg2.programmingerror) data type text has no default operator class access method "gin" hint: must specify operator class index or define default operator class data type. [sql: "create index event_data_idx_id_key on event using gin ((data ->> 'id'))"] is there way create index on sqlalchemy? the postgresql specific sqlalchemy docs @ http://docs.sqlalchemy.org/en/latest/dialects/postgresql.html#operator-classes mention postgresql_ops dictionary provide "operator class" used postgresql, , provide example illustrating use: index('my_index', my_table.c.id, my_table.c.data, postgresql_ops={ 'data': 'text_pattern_ops', ...
Read more

PHP DOM loadHTML() method unusual warning -

-
i had following code works fine on localhost: $document = new domdocument(); $document->loadhtml($p_result); $form = $document->getelementsbytagname('form')->item(0); // code continues using $form variable after same code updated on outside server, loadhtml() failed , issued warning. warning: domdocument::loadhtml() expects parameter 1 valid path, string given in path/name/to/script.php returned null instead of object code pretty gets fatal error. note contents of $p_result absolutely same on outside server , on localhost. but why displays kind of warning , why not work? doesn't loadhtml() expects argument 1 string in first place? why method expects parameter 1 valid path ? just make clear i'm not calling loadhtmlfile() , i'm calling loadhtml() . thanks. you're affected one of php bugs . issue present in php 5.6.8 , 5.6.9. have affected php version on server, , bug-free version on localhost. the bug forbids null ...
Read more

c# - TransactionScope not rolling back although no complete() is called -

-
i'm using transactionscope rollback transaction fail bool errorreported = false; action<importerrorlog> newerrorcallback = e => { errorreported = true; errorcallback(e); }; using (var transaction = new transactionscope()) { foreach (importtaskdefinition task in taskdefinition) { loader.load(streamfile, newerrorcallback, task.destinationtable, processingtaskid); } if (!errorreported) transaction.complete(); } i'm sure there no transactionscope started ahead or after code. i'm using entity framework insert in db. regardless state of errorreported transaction never rolled in case of error. what missing ? transactionscope sets transaction.current . that's does. wants transacted must @ property. i believe ef each time connection opened reason. probably, connection open when scope installed. open connection inside of scope or enlist manually. ef has nasty "design decision": default opens ...
Read more