MAPC / massbuilds

Crowdsourcing authoritative info on recent & ongoing developments in Massachusetts.
https://www.massbuilds.com/
2 stars 2 forks source link

Municipal user logged out after trying to create site outside municipality #317

Open atomtay opened 3 years ago

atomtay commented 3 years ago

Describe the bug When a municipal user tries to create a development outside of their municipality (say, a Cambridge user tries to add a development in Acton), instead of displaying an error the user is logged out.

Steps to reproduce

  1. Log in as a municipal user
  2. Click "Create Development" and set the lat/long outside of the assigned municipality
  3. Submit the development by clicking "Create Development"
  4. An error will briefly appear, but then the user will be quickly logged out.

Expected behavior The error message should appear, the user should stay signed in, and the development still should not go through.

Desktop (please complete the following information):

Additional context Here's a sample Rails log:

Started POST "/developments" for 127.0.0.1 at 2021-04-28 09:00:19 -0400
Processing by DevelopmentsController#create as JSONAPI
  Parameters: {"data"=>{"attributes"=>{"name"=>"Newton", "status"=>"completed", "descr"=>"abc", "prj_url"=>nil, "tagline"=>nil, "nhood"=>nil, "address"=>nil, "state"=>"MA", "zip_code"=>nil, "park_type"=>nil, "parcel_id"=>nil, "municipal"=>nil, "devlper"=>nil, "traffic_count_data"=>nil, "height"=>nil, "stories"=>nil, "year_compl"=>2020, "prjarea"=>nil, "singfamhu"=>0, "smmultifam"=>0, "lgmultifam"=>0, "unknownhu"=>nil, "hu"=>0, "gqpop"=>0, "rptdemp"=>nil, "commsf"=>100, "hotelrms"=>0, "onsitepark"=>nil, "total_cost"=>nil, "ret_sqft"=>0, "ofcmd_sqft"=>0, "indmf_sqft"=>100, "whs_sqft"=>0, "rnd_sqft"=>0, "ei_sqft"=>0, "other_sqft"=>0, "hotel_sqft"=>0, "unk_sqft"=>nil, "latitude"=>42.343778993114014, "longitude"=>-71.19619188697828, "units_1bd"=>nil, "units_2bd"=>nil, "units_3bd"=>nil, "affrd_unit"=>0, "aff_u30"=>0, "aff_30_50"=>0, "aff_50_80"=>0, "aff_80p"=>0, "aff_unknown"=>0, "publicsqft"=>0, "mepa_id"=>nil, "rdv"=>false, "asofright"=>false, "ovr55"=>false, "clusteros"=>false, "phased"=>false, "stalled"=>false, "headqtrs"=>false, "mixed_use"=>false, "yrcomp_est"=>false, "flag"=>false, "created_at"=>nil, "updated_at"=>nil}, "relationships"=>{"user"=>{"data"=>{"type"=>"users", "id"=>"599"}}}, "type"=>"developments"}}
  User Load (1.6ms)  SELECT  "users".* FROM "users" WHERE "users"."email" = $1 LIMIT $2  [["email", "ataylor+test@mapc.org"], ["LIMIT", 1]]
   (4.0ms)  BEGIN
  SQL (20.4ms)  UPDATE "users" SET "current_sign_in_at" = $1, "last_sign_in_at" = $2, "sign_in_count" = $3, "updated_at" = $4 WHERE "users"."id" = $5  [["current_sign_in_at", "2021-04-28 13:00:19.559534"], ["last_sign_in_at", "2021-04-28 12:58:59.606471"], ["sign_in_count", 59], ["updated_at", "2021-04-28 13:00:19.565230"], ["id", 599]]
   (13.7ms)  COMMIT
Completed 401 Unauthorized in 379ms (ActiveRecord: 39.8ms)

Started GET "/developments?trunc=true" for 127.0.0.1 at 2021-04-28 09:00:21 -0400
Processing by DevelopmentsController#index as JSONAPI
  Parameters: {"trunc"=>"true"}
Unpermitted parameter: :trunc
  Development Load (241.1ms)  SELECT "developments".* FROM "developments" WHERE "developments"."deleted_at" IS NULL
Completed 200 OK in 2419ms (Views: 0.4ms | ActiveRecord: 241.1ms)