This is my first post here. Comments on style, etc., are appreciated. An answer is even more appreciated. This is a continuation of my question at https://stackoverflow.com/questions/44856528/how-to-trace-a-html-button-non-event-rails-authorization-with-pundit The problem: Figure 1: I have a form:
The first time I visit this page, everything seems to work. I can click on “Change Role” and update the appropriate row in the Postgres table. I can do it as many times as I like with no problems. If I click on, for instance, somename@yahoo.com (highlighted in yellow), I get to the following page: Figure 2: The above is just fine. If I click on Users on the upper right, I return to the webage denoted as Figure 1. Now things get, hmm, (un)interesting. When I click on Change Role, nothing happens. I have hooked up Wireshark and I am almost 100% sure I see no Post going out when I click on Change Role. I am pretty sure I see no outbound http when I click on Change Role **If I refresh the page, Change Role starts working again!**I am clueless where to look or what is going on.app/controllers/users_controller.rb
class UsersController < ApplicationController # See ruby - Rails 4: before_filter vs. before_action - Stack Overflow
“As we can see in ActionController::Base, before_action is just a new syntax for before_filter”
before_action :ralph_before_action after_action :ralph_after_action
before_filter :authenticate_user! after_action :verify_authorized
def index # byebug if ralph_test_byebug @users = User.all authorize User end
def show byebug if ralph_test_byebug @user = User.find(params[:id]) authorize @user end
def update # byebug # if ralph_test_byebug @user = User.find(params[:id]) authorize @user byebug # if ralph_test_byebug if @user.update_attributes(secure_params) redirect_to users_path, :notice => “User updated.” else redirect_to users_path, :alert => “Unable to update user.” end end
def destroy user = User.find(params[:id]) authorize user user.destroy redirect_to users_path, :notice => “User deleted.” end
private
def secure_params params.require(:user).permit(:role) end
def ralph_before_action # byebug xyz=123 end
def ralph_after_action # byebug xyz=123 end
end
``
app/views/users/index.html.erb
``
app/views/users/_user.html.erb
<%= link_to user.email, user %> <%= form_for(user) do |f| %> <%= f.select(:role, User.roles.keys.map {|role| [role.titleize,role]}) %> <%= f.submit 'Change Role' %> <% end %> <%= link_to("Delete user", user_path(user), :data => { :confirm => "Are you sure?" }, :method => :delete, :class => 'button') unless user == current_user %>``