search

TrestleAdmin / trestle-auth

Authentication plugin for the Trestle admin framework
https://trestle.io
GNU Lesser General Public License v3.0
53 stars 22 forks source link

undefined method `authorize?' for #<PlansAdmin::AdminController:0x00000000065450> #53

Open cedricdekimpe opened 4 months ago

cedricdekimpe commented 4 months ago

I try to use trestle-auth with the authorization branch with a very barebone Trestle resource : 

# frozen_string_literal: true

Trestle.resource(:plans) do
  authorize_with pundit: PlanPolicy
end
# frozen_string_literal: true

class PlanPolicy < ApplicationPolicy
  def index?
    true
  end
end

But when I try to reache /admin/plans I got this error :

undefined method `authorize?' for #<PlansAdmin::AdminController:0x00000000065450>

I tried to track this down as far as I could and it seems that the Pundit policy is well taken into account by trestle-auth, and I couldn't find where this authorize? method would be called - I didn't even find any Google/GitHub/StackOverflow result with this exact method.

Would anyone have any idea for me to debug this?

Rails 7.1.3.2 Pundit : 2.2.0 Trestle : 0.9.9 Trestle Auth : trestle-auth-121cad6a8cb6

spohlenz commented 4 months ago

Could you please share more of the stack trace?

The authorize? method on the controller is defined at https://github.com/TrestleAdmin/trestle-auth/blob/authorization/lib/trestle/auth/controller/authorization.rb#L27-L29 and is called by a before_action in the same file at https://github.com/TrestleAdmin/trestle-auth/blob/authorization/lib/trestle/auth/controller/authorization.rb#L8 (also in https://github.com/TrestleAdmin/trestle-auth/blob/authorization/lib/trestle/auth/extensions/resource_controller.rb#L10).

Both of those controller modules are included via a config.to_prepare block in engine.rb: https://github.com/TrestleAdmin/trestle-auth/blob/authorization/lib/trestle/auth/engine.rb#L10-L13.

I just tried setting up a new Rails app with those gem versions and didn't encounter the error you are seeing (though I did have to fix a separate error within the default config.auth.redirect_on_access_denied block).

cedricdekimpe commented 3 months ago

Sorry for the delay, I was off for a few days. Here's the trace : 

NoMethodError in PlansAdmin::AdminController#index
undefined method `authorize?' for #<PlansAdmin::AdminController:0x00000000067d40>
Extracted source (around line #403):

401
402
403
404
405
406

          def make_lambda
            lambda do |target, value, &block|
              target.send(@method_name, &block)
            end
          end

Rails.root: /home/user/code/app
Application Trace | Framework Trace | Full Trace
activesupport (7.1.3.2) lib/active_support/callbacks.rb:403:in `block in make_lambda'
activesupport (7.1.3.2) lib/active_support/callbacks.rb:182:in `block (2 levels) in halting_and_conditional'
activesupport (7.1.3.2) lib/active_support/callbacks.rb:182:in `all?'
activesupport (7.1.3.2) lib/active_support/callbacks.rb:182:in `block in halting_and_conditional'
activesupport (7.1.3.2) lib/active_support/callbacks.rb:598:in `block in invoke_before'
activesupport (7.1.3.2) lib/active_support/callbacks.rb:598:in `each'
activesupport (7.1.3.2) lib/active_support/callbacks.rb:598:in `invoke_before'
activesupport (7.1.3.2) lib/active_support/callbacks.rb:119:in `block in run_callbacks'
react-rails (2.6.1) lib/react/rails/controller_lifecycle.rb:31:in `use_react_component_helper'
activesupport (7.1.3.2) lib/active_support/callbacks.rb:130:in `block in run_callbacks'
actiontext (7.1.3.2) lib/action_text/rendering.rb:23:in `with_renderer'
actiontext (7.1.3.2) lib/action_text/engine.rb:69:in `block (4 levels) in <class:Engine>'
activesupport (7.1.3.2) lib/active_support/callbacks.rb:130:in `instance_exec'
activesupport (7.1.3.2) lib/active_support/callbacks.rb:130:in `block in run_callbacks'
activesupport (7.1.3.2) lib/active_support/callbacks.rb:141:in `run_callbacks'
actionpack (7.1.3.2) lib/abstract_controller/callbacks.rb:258:in `process_action'
actionpack (7.1.3.2) lib/action_controller/metal/rescue.rb:25:in `process_action'
actionpack (7.1.3.2) lib/action_controller/metal/instrumentation.rb:74:in `block in process_action'
activesupport (7.1.3.2) lib/active_support/notifications.rb:206:in `block in instrument'
activesupport (7.1.3.2) lib/active_support/notifications/instrumenter.rb:58:in `instrument'
activesupport (7.1.3.2) lib/active_support/notifications.rb:206:in `instrument'
actionpack (7.1.3.2) lib/action_controller/metal/instrumentation.rb:73:in `process_action'
actionpack (7.1.3.2) lib/action_controller/metal/params_wrapper.rb:261:in `process_action'
activerecord (7.1.3.2) lib/active_record/railties/controller_runtime.rb:32:in `process_action'
actionpack (7.1.3.2) lib/abstract_controller/base.rb:160:in `process'
actionview (7.1.3.2) lib/action_view/rendering.rb:40:in `process'
actionpack (7.1.3.2) lib/action_controller/metal.rb:227:in `dispatch'
actionpack (7.1.3.2) lib/action_controller/metal.rb:309:in `dispatch'
actionpack (7.1.3.2) lib/action_dispatch/routing/route_set.rb:49:in `dispatch'
actionpack (7.1.3.2) lib/action_dispatch/routing/route_set.rb:32:in `serve'
actionpack (7.1.3.2) lib/action_dispatch/journey/router.rb:51:in `block in serve'
actionpack (7.1.3.2) lib/action_dispatch/journey/router.rb:131:in `block in find_routes'
actionpack (7.1.3.2) lib/action_dispatch/journey/router.rb:124:in `each'
actionpack (7.1.3.2) lib/action_dispatch/journey/router.rb:124:in `find_routes'
actionpack (7.1.3.2) lib/action_dispatch/journey/router.rb:32:in `serve'
actionpack (7.1.3.2) lib/action_dispatch/routing/route_set.rb:882:in `call'
railties (7.1.3.2) lib/rails/engine.rb:536:in `call'
railties (7.1.3.2) lib/rails/railtie.rb:226:in `public_send'
railties (7.1.3.2) lib/rails/railtie.rb:226:in `method_missing'
actionpack (7.1.3.2) lib/action_dispatch/routing/mapper.rb:22:in `block in <class:Constraints>'
actionpack (7.1.3.2) lib/action_dispatch/routing/mapper.rb:51:in `serve'
actionpack (7.1.3.2) lib/action_dispatch/journey/router.rb:51:in `block in serve'
actionpack (7.1.3.2) lib/action_dispatch/journey/router.rb:131:in `block in find_routes'
actionpack (7.1.3.2) lib/action_dispatch/journey/router.rb:124:in `each'
actionpack (7.1.3.2) lib/action_dispatch/journey/router.rb:124:in `find_routes'
actionpack (7.1.3.2) lib/action_dispatch/journey/router.rb:32:in `serve'
actionpack (7.1.3.2) lib/action_dispatch/routing/route_set.rb:882:in `call'
omniauth (2.0.4) lib/omniauth/strategy.rb:202:in `call!'
omniauth (2.0.4) lib/omniauth/strategy.rb:169:in `call'
omniauth (2.0.4) lib/omniauth/strategy.rb:202:in `call!'
omniauth (2.0.4) lib/omniauth/strategy.rb:169:in `call'
omniauth (2.0.4) lib/omniauth/strategy.rb:202:in `call!'
omniauth (2.0.4) lib/omniauth/strategy.rb:169:in `call'
omniauth (2.0.4) lib/omniauth/strategy.rb:202:in `call!'
omniauth (2.0.4) lib/omniauth/strategy.rb:169:in `call'
omniauth (2.0.4) lib/omniauth/strategy.rb:202:in `call!'
omniauth (2.0.4) lib/omniauth/strategy.rb:169:in `call'
bullet (7.1.6) lib/bullet/rack.rb:14:in `call'
rack-attack (6.7.0) lib/rack/attack.rb:127:in `call'
leaky_bucket (0.2.5) lib/leaky_bucket/middleware.rb:11:in `call'
warden (1.2.9) lib/warden/manager.rb:36:in `block in call'
warden (1.2.9) lib/warden/manager.rb:34:in `catch'
warden (1.2.9) lib/warden/manager.rb:34:in `call'
rack (2.2.9) lib/rack/tempfile_reaper.rb:15:in `call'
rack (2.2.9) lib/rack/etag.rb:27:in `call'
rack (2.2.9) lib/rack/conditional_get.rb:27:in `call'
rack (2.2.9) lib/rack/head.rb:12:in `call'
actionpack (7.1.3.2) lib/action_dispatch/http/permissions_policy.rb:36:in `call'
actionpack (7.1.3.2) lib/action_dispatch/http/content_security_policy.rb:33:in `call'
rack (2.2.9) lib/rack/session/abstract/id.rb:266:in `context'
rack (2.2.9) lib/rack/session/abstract/id.rb:260:in `call'
actionpack (7.1.3.2) lib/action_dispatch/middleware/cookies.rb:689:in `call'
activerecord (7.1.3.2) lib/active_record/migration.rb:655:in `call'
actionpack (7.1.3.2) lib/action_dispatch/middleware/callbacks.rb:29:in `block in call'
activesupport (7.1.3.2) lib/active_support/callbacks.rb:101:in `run_callbacks'
actionpack (7.1.3.2) lib/action_dispatch/middleware/callbacks.rb:28:in `call'
actionpack (7.1.3.2) lib/action_dispatch/middleware/executor.rb:14:in `call'
actionpack (7.1.3.2) lib/action_dispatch/middleware/actionable_exceptions.rb:16:in `call'
actionpack (7.1.3.2) lib/action_dispatch/middleware/debug_exceptions.rb:29:in `call'
actionpack (7.1.3.2) lib/action_dispatch/middleware/show_exceptions.rb:31:in `call'
railties (7.1.3.2) lib/rails/rack/logger.rb:37:in `call_app'
railties (7.1.3.2) lib/rails/rack/logger.rb:24:in `block in call'
activesupport (7.1.3.2) lib/active_support/tagged_logging.rb:135:in `block in tagged'
activesupport (7.1.3.2) lib/active_support/tagged_logging.rb:39:in `tagged'
activesupport (7.1.3.2) lib/active_support/tagged_logging.rb:135:in `tagged'
activesupport (7.1.3.2) lib/active_support/broadcast_logger.rb:240:in `method_missing'
railties (7.1.3.2) lib/rails/rack/logger.rb:24:in `call'
sprockets-rails (3.2.2) lib/sprockets/rails/quiet_assets.rb:13:in `call'
actionpack (7.1.3.2) lib/action_dispatch/middleware/remote_ip.rb:92:in `call'
request_store (1.6.0) lib/request_store/middleware.rb:19:in `call'
actionpack (7.1.3.2) lib/action_dispatch/middleware/request_id.rb:28:in `call'
rack (2.2.9) lib/rack/method_override.rb:24:in `call'
rack (2.2.9) lib/rack/runtime.rb:22:in `call'
rack-timeout (0.6.3) lib/rack/timeout/core.rb:148:in `block in call'
rack-timeout (0.6.3) lib/rack/timeout/support/timeout.rb:19:in `timeout'
rack-timeout (0.6.3) lib/rack/timeout/core.rb:147:in `call'
actionpack (7.1.3.2) lib/action_dispatch/middleware/server_timing.rb:59:in `block in call'
actionpack (7.1.3.2) lib/action_dispatch/middleware/server_timing.rb:24:in `collect_events'
actionpack (7.1.3.2) lib/action_dispatch/middleware/server_timing.rb:58:in `call'
actionpack (7.1.3.2) lib/action_dispatch/middleware/executor.rb:14:in `call'
actionpack (7.1.3.2) lib/action_dispatch/middleware/static.rb:25:in `call'
rack (2.2.9) lib/rack/sendfile.rb:110:in `call'
actionpack (7.1.3.2) lib/action_dispatch/middleware/host_authorization.rb:141:in `call'
shakapacker (7.0.3) lib/shakapacker/dev_server_proxy.rb:25:in `perform_request'
rack-proxy (0.7.6) lib/rack/proxy.rb:87:in `call'
railties (7.1.3.2) lib/rails/engine.rb:536:in `call'
railties (7.1.3.2) lib/rails/railtie.rb:226:in `public_send'
railties (7.1.3.2) lib/rails/railtie.rb:226:in `method_missing'
rack (2.2.9) lib/rack/urlmap.rb:74:in `block in call'
rack (2.2.9) lib/rack/urlmap.rb:58:in `each'
rack (2.2.9) lib/rack/urlmap.rb:58:in `call'
middlewares/api_proxy.rb:30:in `call'
middlewares/cors.rb:34:in `call'
middlewares/no_cache_on_error.rb:7:in `call'
middlewares/maintenance_mode.rb:18:in `call'
rack (2.2.9) lib/rack/common_logger.rb:38:in `call'
puma (6.4.2) lib/puma/configuration.rb:272:in `call'
puma (6.4.2) lib/puma/request.rb:100:in `block in handle_request'
puma (6.4.2) lib/puma/thread_pool.rb:378:in `with_force_shutdown'
puma (6.4.2) lib/puma/request.rb:99:in `handle_request'
puma (6.4.2) lib/puma/server.rb:464:in `process_client'
puma (6.4.2) lib/puma/server.rb:245:in `block in run'
puma (6.4.2) lib/puma/thread_pool.rb:155:in `block in spawn_thread'
spohlenz commented 3 months ago

I'm still looking into this one, although I haven't had much luck yet in reproducing.

I was wondering if you could share a little more info on your integration:

1) Are you using Devise? I'm assuming yes based on the warden gem in the stack trace.

2) Is there anything out of the ordinary in your trestle.rb configuration or is it mostly default?

3) Any other gems or customizations to Trestle that might be interfering with callbacks or module inclusions?

If you are able to upload a test app to GitHub that exhibits the issue, that would be ideal (though I understand not always easy to do).

spohlenz commented 3 months ago

One other thing that might prove useful is to share the output of PlansAdmin::AdminController.ancestors from a Rails console session. The key modules to look for are marked below with ***.

e.g.

3.2.2 :002 > PlansAdmin::AdminController.ancestors
 => 
[PlansAdmin::AdminController,
 Trestle::ResourceController,
 Trestle::Auth::Extensions::ResourceController,          # ***
 Trestle::Resource::Controller::Toolbar,
 Trestle::Resource::Controller::Redirection,
 Trestle::Resource::Controller::DataMethods,
 Trestle::Resource::Controller::Actions,
 Trestle::AdminController,
 Trestle::ApplicationController,
 Trestle::Auth::ControllerMethods,
 Trestle::Auth::Controller::TimeZone,
 Trestle::Auth::Controller::Locale,
 Trestle::Auth::Controller::Authorization,               # ***
 Trestle::Auth::Controller::Authentication,
 Trestle::Controller::Toolbars,
 Trestle::Controller::Title,
 Trestle::Controller::Location,
 Trestle::Controller::Layout,
 Trestle::Controller::Helpers,
 Trestle::Controller::Dialog,
 Trestle::Controller::Callbacks,
 Trestle::Controller::Breadcrumbs,
 #<Module:0x0000000108e582c0>,
 #<Module:0x0000000108d93498>,
 #<Module:0x0000000108d93538>,
 ActionController::Base,
 ...
]