Open owst opened 1 year ago
This seems like intentional behaviour according to this suggested test: https://github.com/CanCanCommunity/cancancan/pull/689#discussion_r638352513 My expectation also seems to be somewhat at odds with the expectation set out in another issue: https://github.com/CanCanCommunity/cancancan/issues/771
My expectation was that since all Ferraris and Suzukis are Vehicles (both intuitively and in the assert_equal true, ferrari.is_a?(Vehicle)
sense), asking for the set of accessible Vehicles (assuming that Ferraris but not Suzukis have been marked as accessible) should include only Ferraris.
In my specific example, I would expect:
Vehicle.accessible_by(ability, :index).to_a # => [ferrari]
Car.accessible_by(ability, :index).to_a # => [ferrari]
Ferrari.accessible_by(ability, :index).to_a # => [ferrari]
Motorbike.accessible_by(ability, :index).to_a # => []
Suzuki.accessible_by(ability, :index).to_a # => []
but what we get is
Vehicle.accessible_by(ability, :index).to_a # => []
Car.accessible_by(ability, :index).to_a # => [ferrari]
Ferrari.accessible_by(ability, :index).to_a # => [ferrari]
Motorbike.accessible_by(ability, :index).to_a # => []
Suzuki.accessible_by(ability, :index).to_a # => []
Steps to reproduce
Granting read permission on a subset of STI subclass doesn't lead to relevant records being returned by
accessible_by
. With the following STI hierarchy:Given
can :read, Ferrari
we expectVehicle.accessible_by(ability, :index)
to include any instances ofFerrari
(but none ofSuzuki
), but instead noVehicle
records are returned.Reproduction:
This feels like an extension of #677
Expected behavior
The allowed subclass instances should be returned by
klass.accessible_by
for all klasses in the STI hierarchy.Actual behavior
The allowed subclass instances are not returned by
accessible_by
when invoked on the base class.System configuration
Rails version:
6.1.7
Ruby version:
2.7.6
CanCanCan version
3.4.0