
I am following up from a problem that I had before. I was able to get the code to work for three roles, but I need to include 4 roles in the mix.

The problem: I have 4 roles (user, business user, super user, and admin). Admins have access to everything (user index). Super users can only see both users and business users (user index).

The error: I have a functioning app that allows admins to have access to everything, but my super users can only see users (and not business users). I tried switching in the User Policy resolve method, for the super user to role: 'business_user' to see if that even worked. Well, it does not work and it only shows me users (not business_users). It's probably a simple ruby issue that I'm overlooking.

User Policy

class UserPolicy
  attr_reader :current_user, :model

  def initialize(current_user, model)
    @current_user = current_user
    @user = model
  end

  class Scope
    attr_reader :user, :scope

    def initialize(user, scope)
      @user = user
      @scope = scope
    end

    def resolve
      if user.admin?
        scope.all
      else user.super_user?
        scope.where(role: 'user')
      end
    end
  end

  def index?
    @current_user.admin? or @current_user.super_user?
  end
end

User Controller

class UsersController < ApplicationController
  before_filter :authenticate_user!
  after_action :verify_authorized

  def index
    @users = policy_scope(User)
    authorize @users
  end
[rest of the controller]

User Model

class User < ActiveRecord::Base
  enum role: [:user, :business_user, :super_user, :admin]
  [rest of model]
end
AGirlThatCodes
  • In the console, can you tell me what you have for `User.where(role: 'user').count`? Do you have some users with the role "user"? – Dougui Dec 29 '14 at 18:50
  • Yes, in my db, I have 4 users. One for each role. So that would give me '1'. I also did the same `User.where(role: 'business_user').count` and I have 1. – AGirlThatCodes Dec 29 '14 at 18:56

2 Answers


Can you try to change this method:

def resolve
  if user.admin?
    scope.all
  else user.super_user?
    scope.where(role: 'user')
  end
end

By this:

def resolve
  if user.admin?
    scope.all
  elsif user.super_user?
    # The enum is stored as an integer column, so query by the integer
    # values; User.roles maps each role name to its integer.
    scope.where(role: [User.roles[:user], User.roles[:business_user]])
  else
    scope.none
  end
end

You have to change your query to have both roles.

Dougui
  • Thank you! For the `scope.where` part, how do you advise I specify both roles: `user` and `business_user` – AGirlThatCodes Dec 29 '14 at 19:26
  • Thank you! I tried using `role == "user" or role == "business_user"` but I didn't have any luck. I had to switch it to `role: 1`. I updated my question. I tried using `or` and `||` for the middle and I didn't have any luck. Do you have any recommendations for multiple `where` params? – AGirlThatCodes Dec 29 '14 at 19:54
  • Do you have a result if you do `User.where('role == "user" or role == "business_user"').count`? Multiple wheres will do `and`. – Dougui Dec 29 '14 at 20:02
  • I figured out how to call both of them. I fed in an array. `scope.where(role: [0,1])`. – AGirlThatCodes Dec 29 '14 at 20:04

I figured out what I had to do. It was a two-step process. First, I had to change the role to the numerical value that Pundit stores it as instead of the string, so the role would be 0 & 1. Second, I used an array to feed them into the param so it would accept multiple options.

class Scope
  attr_reader :user, :scope

  def initialize(user, scope)
    @user = user
    @scope = scope
  end

  def resolve
    if user.admin?
      scope.all
    elsif user.super_user?
      # integer enum values: user => 0, business_user => 1
      scope.where(role: [1, 0])
    else
      scope.none # every other role sees nothing
    end
  end
end
AGirlThatCodes
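An added example, not code from the question or from either answer, that re-creates the scope logic so it runs without Rails: FakeScope and UserPolicyScope are assumed stand-ins for the ActiveRecord relation and for UserPolicy::Scope, and FakeScope#where emulates (as an assumption about Rails 4.x) the integer cast that makes `where(role: 'business_user')` match only the 'user' rows, which is the symptom described in the question.

```ruby
# Added example, not code from the question or the answers: a dependency-free
# re-creation of the policy scope. FakeScope stands in for an ActiveRecord
# relation and UserPolicyScope for UserPolicy::Scope.
ROLES = { 'user' => 0, 'business_user' => 1, 'super_user' => 2, 'admin' => 3 }.freeze
Person = Struct.new(:name, :role) do
  # user?, business_user?, super_user?, admin?, like the Rails enum predicates
  ROLES.each_key { |r| define_method("#{r}?") { role == r } }
end

class FakeScope
  def initialize(rows); @rows = rows; end
  def all; self; end
  def none; FakeScope.new([]); end
  def names; @rows.map(&:name); end

  # Emulates where(role: ...) on an integer enum column under Rails 4.x (assumed):
  # a string is cast with to_i, so 'user' and 'business_user' both become 0.
  def where(role:)
    wanted = Array(role).map { |v| v.is_a?(Integer) ? v : v.to_s.to_i }
    FakeScope.new(@rows.select { |r| wanted.include?(ROLES[r.role]) })
  end
end

class UserPolicyScope
  def initialize(user, scope); @user, @scope = user, scope; end

  def resolve
    if @user.admin?
      @scope.all
    elsif @user.super_user?
      # query by the integer enum values, never by the role names
      @scope.where(role: [ROLES['user'], ROLES['business_user']])
    else
      @scope.none # deny by default: every other role sees nothing
    end
  end
end

# Constructed sample data: one account per role, as in the question.
DB = FakeScope.new(ROLES.keys.map { |r| Person.new("#{r}_1", r) })

# Names visible to a caller holding the given role.
def visible_to(role)
  UserPolicyScope.new(Person.new('me', role), DB).resolve.names
end

# The question's original query: the string casts to 0, so only 'user' rows match.
def string_query_rows
  DB.where(role: 'business_user').names
end
```

Running it shows a super_user seeing both users and business_users, every other non-admin role seeing nothing, and the string-keyed query returning only the 'user' row.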