acting_user not valid in :available_to parameter of 'create' transition
Reported by Tim Griffin | March 16th, 2011 @ 06:17 PM
With help from Bryan Larsen, a problem has been identified with 'acting_user' not evaluating to a valid object in the context of <transition-buttons>, thereby causing a
"undefined method `administrator?' for nil:NilClass"
error.
The example we were working with extended a default Hobo
1.3pre30 app User model with two new transitions as
follows:
lifecycle do state :invited, :default => true state :active state :suspended create :invite, :available_to => "acting_user if acting_user.administrator?", :subsite => "admin", :params => [:name, :email_address], :new_key => true, :become => :invited do UserMailer.invite(self, lifecycle.key).deliver end transition :accept_invitation, { :invited => :active }, :available_to => :key_holder, :params => [ :password, :password_confirmation ] transition :request_password_reset, { :active => :active }, :new_key => true do UserMailer.forgot_password(self, lifecycle.key).deliver end transition :reset_password, { :active => :active }, :available_to => :key_holder, :params => [ :password, :password_confirmation ] transition :suspend, { :active => :suspended }, :available_to => "acting_user if acting_user.administrator?" transition :reactivate, { :suspended => :active }, :available_to => "acting_user if acting_user.administrator?" end
and added <transition-buttons> to the User#index view:
<old-index-page merge>
<collection: replace>
<table-plus fields="id, this, email_address, created_at, state, administrator, officer" param>
<controls:>
<transition-buttons/>
</controls:>
</table-plus>
</collection:>
</old-index-page>
The two additional transitions would not evaluate acting_user
properly, and had to be rewritten as:
transition :suspend, { :active => :suspended }, :available_to => "User.administrator" transition :reactivate, { :suspended => :active }, :available_to => "User.administrator"
It also doesn't seem possible to OR conditions as in this
example:
transition :suspend, { :active => :suspended }, :available_to => "User.administrator || User.officer"
This does not evaluate properly: if the user IS an officer, the expression does NOT evaluate to 'true', and the officer cannot perform the transition.
Comments and changes to this ticket
-
Domizio Demichelis March 31st, 2011 @ 12:29 AM
Tim, just a note before committing the fix:
transition :suspend, { :active => :suspended }, :available_to => "User.administrator || User.officer"
The above statement is not going to work the way you seem to expect. According to the documentation (http://cookbook.hobocentral.net/manual/lifecycles#the__option), when you pass a string as the
:available_to option
is evaluated and its result is used to determine whether the acting_user has access or not.User.administrator
returns always an array with at least one user (the administrator), but even if it would return an empty array the right side of the || will never get evaluated since [] in boolena context returntrue
.Besides, when a collection is returned (as in your case) the access is granted if
include?(acting_user)
is true, so if your officer is not also an administrator he will not be included in the collection. Just to show you an example with your own terms: the following (although ugly and inefficient) would work:"User.administrator + User.officer"
-
Domizio Demichelis March 31st, 2011 @ 12:53 AM
(from [3d19d5ce72db981083e241e5a271af2319b73703]) fix for transition :available_to => not setting the acting_user [#900 state:resolved] [#933] https://github.com/tablatom/hobo/commit/3d19d5ce72db981083e241e5a27...
-
Tim Griffin April 1st, 2011 @ 04:09 PM
Domizio, Bryan:
I've created this documentation ticket:
https://barquin.lighthouseapp.com/projects/63775-rapid-rails-3-with...
to have your notes (edited) and a couple of points from Bryan added to the guide. Thanks to you both for the clarifications.
Tim
Please Sign in or create a free account to add a new ticket.
With your very own profile, you can contribute to projects, track your activity, watch tickets, receive and update tickets through your email and much more.
Create your profile
Help contribute to this project by taking a few moments to create your personal profile. Create your profile »
People watching this ticket
Referenced by
- 933 acting_user not valid in :available_to parameter of 'create' transition (from [3d19d5ce72db981083e241e5a271af2319b73703]) fix for...
- 900 "``transition :available_to``" doesn't set acting_user (from [3d19d5ce72db981083e241e5a271af2319b73703]) fix for...
- 900 "``transition :available_to``" doesn't set acting_user same of #933