chaps-io / access-granted

Multi-role and whitelist based authorization gem for Rails (and not only Rails!)
MIT License
773 stars 41 forks source link

Error when there is no user logged in #35

Closed victor-carv closed 8 years ago

victor-carv commented 8 years ago

I'm using an access policy in my rails 4 app that checks the user role, very similar to the example here.

role :moderator, proc { |u| u.moderator? } do
  can [:update, :destroy], Post
  can :update, User
end

role :guest do
  can :read, :all
end

I got an error when there are no user logged in, because the call u.moderator? expects an user and u is nil.

To fix this error I needed to override the initialize method:

def initialize(user)
  user ||= User.new
  super user
end

My question is: do I need to check when there is an @user in my policy or do I did something wrong applying the gem?

If I need to check the @user i think that would be great update the readme with this info.

pokonski commented 8 years ago

See this for a possible solution: https://github.com/chaps-io/access-granted/issues/32