search

abartov / bybeconv

Project Ben-Yehuda's content management system.
https://benyehuda.org/
Other
10 stars 5 forks source link

Autocomplete fields in browse filters are broken if user is not logged in or does not have editor role #327

Closed damisul closed 2 months ago

damisul commented 2 months ago

I've noticed one problem with our autocomplete fields on browse works page: if user is not logged in, we got an 'editor required' error and then redirects to root (it is not visible to user, but quite heavy and autocompletion does not works).

Logs:

Started GET "/autocomplete_person_name?term=%D7%90%D7%91%D7%A8%D7%94%D7%9D+" for 127.0.0.1 at 2024-04-24 01:18:54 +0500
Processing by AdminController#autocomplete_person_name as JSON
  Parameters: {"term"=>"אברהם "}
  BaseUser Load (0.8ms)  SELECT `base_users`.* FROM `base_users` WHERE `base_users`.`session_id` = '2::b679d5ded72a38f5bc4044ddfc02be931b23fb4445259ba7621f5d6837e56e30' LIMIT 1
  ↳ app/controllers/application_controller.rb:41:in `base_user'
Query Trace:
      app/controllers/application_controller.rb:41:in `base_user'
      app/controllers/application_controller.rb:82:in `set_base_user'
  ↳ app/controllers/application_controller.rb:41:in `base_user'
Redirected to http://localhost:3000/
Filter chain halted as :require_editor rendered or redirected
Completed 302 Found in 2ms (ActiveRecord: 0.8ms | Allocations: 1292)

I believe we need to allow those actions to be available for non-authorized users. Perhaps we can move them from Admin controller somewhere

abartov commented 2 months ago

Sure, go ahead and fix it. Though I'm pretty sure they used to work...

On Tue, Apr 23, 2024 at 11:25 PM Damir Sultanbekov @.***> wrote:

I've noticed one problem with our autocomplete fields on browse works page: if user is not logged in, we got an 'editor required' error and then redirects to root (it is not visible to user, but quite heavy and autocompletion does not works).

Logs:

Started GET "/autocomplete_person_name?term=%D7%90%D7%91%D7%A8%D7%94%D7%9D+" for 127.0.0.1 at 2024-04-24 01:18:54 +0500 Processing by AdminController#autocomplete_person_name as JSON Parameters: {"term"=>"אברהם "} BaseUser Load (0.8ms) SELECT base_users.* FROM base_users WHERE base_users.session_id = '2::b679d5ded72a38f5bc4044ddfc02be931b23fb4445259ba7621f5d6837e56e30' LIMIT 1 ↳ app/controllers/application_controller.rb:41:in base_user' Query Trace: app/controllers/application_controller.rb:41:inbase_user' app/controllers/application_controller.rb:82:in set_base_user' ↳ app/controllers/application_controller.rb:41:inbase_user' Redirected to http://localhost:3000/ Filter chain halted as :require_editor rendered or redirected Completed 302 Found in 2ms (ActiveRecord: 0.8ms | Allocations: 1292)

I believe we need to allow those actions to be available for non-authorized users. Perhaps we can move them from Admin controller somewhere

— Reply to this email directly, view it on GitHub https://github.com/abartov/bybeconv/issues/327, or unsubscribe https://github.com/notifications/unsubscribe-auth/AAAQFJ5TNKDFHZXBXXGY4KTY627R7AVCNFSM6AAAAABGVT32GGVHI2DSMVQWIX3LMV43ASLTON2WKOZSGI2TSNZQHA3TSOI . You are receiving this because you are subscribed to this thread.Message ID: @.***>

-- Asaf Bartov @.***>