decko-commons / decko

Start with a deck of wiki cards. Develop it into a rich web app.
https://www.decko.org
GNU General Public License v3.0

salt method missing in card-mod-account 0.16.0 #1077

Closed localhost closed 3 months ago

localhost commented 3 months ago

I have a problem with a fresh Decko 0.16.0 installation.

Upon setting up the very first account, I get the following error when submitting the signup form:

exception = Card::Error::ServerError: undefined method `salt' for #<Card:0x00007efc9e821cd8>

I found that the error is raised in set/right/password.rb line 21 from the Decko dependency gem card-mod-account (0.16.0). If I temporarily assign an empty string to salt, it works. But the password wouldn't be salted then?

--- set/right/password.rb.orig
+++ set/right/password.rb
@@ -18,7 +18,7 @@
 end

 event :encrypt_password, :store, on: :save, changed: :content do
-  salt = left&.salt
+  salt = '' # left&.salt
   self.content = Auth.encrypt content, salt

   # errors.add :password, 'need a valid salt'
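Review bot: replacing `left&.salt` with `''` makes the save succeed by hashing the password with an empty salt, which is exactly the outcome the commented-out `# errors.add :password, 'need a valid salt'` line in this hunk was meant to prevent. Suggest failing closed instead: when `left&.salt` is nil, add the error and abort the save rather than passing an empty salt to `Auth.encrypt`, so the missing-account-holder bug shows up as a validation failure and not as a silently weaker stored hash.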
ethn commented 3 months ago

Thanks for the report! I just pushed out Decko 0.17.0, which I believe should fix this problem.
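The empty-salt workaround from the first comment, shown as an added example that is not Decko's code: Decko's `Auth.encrypt` is not reproduced here, and `encrypt_password`, `MissingSaltError`, the PBKDF2 parameters and the sample passwords are assumptions made for the illustration. It shows why the `salt = ''` patch is unsafe (every user with the same password gets the same stored hash) and what a fail-closed derivation looks like when the salt is missing.

```ruby
require "openssl"
require "securerandom"

# Hypothetical replacement for a password-hashing step; not Decko's Auth.encrypt.
# Parameters are assumptions chosen for the example.
PBKDF2_ITERATIONS = 100_000
PBKDF2_KEY_LEN = 32
PBKDF2_DIGEST = "sha256"

class MissingSaltError < StandardError; end

# Derive a hex-encoded PBKDF2-HMAC-SHA256 hash of +password+ under +salt+.
# Refuses a nil or blank salt instead of quietly storing an unsalted hash,
# which is what the '' workaround in the thread would have done.
def encrypt_password(password, salt)
  raise MissingSaltError, "need a valid salt" if salt.nil? || salt.strip.empty?

  OpenSSL::PKCS5.pbkdf2_hmac(password, salt, PBKDF2_ITERATIONS,
                             PBKDF2_KEY_LEN, PBKDF2_DIGEST).unpack1("H*")
end

# The same derivation with the guard removed and an empty salt, to show the
# effect of the workaround: identical passwords yield identical hashes.
def encrypt_password_unsalted(password)
  OpenSSL::PKCS5.pbkdf2_hmac(password, "", PBKDF2_ITERATIONS,
                             PBKDF2_KEY_LEN, PBKDF2_DIGEST).unpack1("H*")
end

# A fresh random per-account salt (16 bytes, hex-encoded).
def new_salt
  SecureRandom.hex(16)
end

# Constant-time comparison of the candidate hash against the stored one.
def verify_password(password, salt, stored_hex)
  candidate = encrypt_password(password, salt)
  return false unless candidate.bytesize == stored_hex.bytesize

  OpenSSL.fixed_length_secure_compare(candidate, stored_hex)
end

# True when two accounts with the same password end up with the same hash.
def same_hash_for_same_password?(password, salt_a, salt_b)
  encrypt_password(password, salt_a) == encrypt_password(password, salt_b)
end

if __FILE__ == $PROGRAM_NAME
  # Constructed sample data for the demonstration.
  password = "correct horse battery staple"
  salt_a = new_salt
  salt_b = new_salt

  puts "unsalted, two accounts: #{encrypt_password_unsalted(password) == encrypt_password_unsalted(password)}"
  puts "salted,   two accounts: #{same_hash_for_same_password?(password, salt_a, salt_b)}"
  puts "verify ok:   #{verify_password(password, salt_a, encrypt_password(password, salt_a))}"
  puts "verify bad:  #{verify_password("wrong", salt_a, encrypt_password(password, salt_a))}"
  begin
    encrypt_password(password, "")
  rescue MissingSaltError => e
    puts "empty salt rejected: #{e.message}"
  end
end
```

The point of the guard is the direction of failure: a missing salt should block the save (the `errors.add` line commented out in the original hunk), not fall back to a deterministic unsalted hash that an attacker with a database dump can attack with a single precomputed table.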

localhost commented 3 months ago

Hey @ethn, thank you very much!

Unfortunately, with the latest 0.17.0 installed and bundle exec decko update run, I get:

Processing by CardController#read as HTML
exception = Card::Error::ServerError: undefined method `read_rules_hash' for #<Card:0x00007f112e274bb0>
exception = NoMethodError: undefined method `read_rules_hash' for #<Card:0x00007f112e274bb0>
Completed 500 Internal Server Error in 43ms (ActiveRecord: 0.0ms | Allocations: 18866)

undefined_read_rules_hash.txt

localhost commented 3 months ago

I also have added quite a bit of content to my installation.

Would I need to involve the event to finalize registering somehow manually?

localhost commented 3 months ago

Ok, I managed to render the login page (although without stylesheets) and then could reset my password with these safeguards:

diff -u card-mod-permissions-0.17.0/set/all/permissions.rb.orig card-mod-permissions-0.17.0/set/all/permissions.rb
--- card-mod-permissions-0.17.0/set/all/permissions.rb.orig
+++ card-mod-permissions-0.17.0/set/all/permissions.rb
@@ -97,7 +97,7 @@
   return false if Card.config.read_only # :read does not call #permit
   return true if Auth.always_ok?

-  Auth.as_card.among? who_can(action)
+  Auth.as_card.respond_to?(:among?) && Auth.as_card.among?(who_can(action))
 end

 def permit action, verb=nil
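Review bot: the `respond_to?(:among?)` guard converts a missing method into a plain `false`, so a current user that is not an account holder is denied rather than raising; that fails closed, which is the safe direction, but it hides the actual defect (an `Auth.as_card` without the account-holder methods) behind a generic permission denial. Suggest logging, or raising in non-production, when `Auth.as_card` does not respond to `among?`, since the original `Auth.as_card.among? who_can(action)` at least surfaced the problem as a NoMethodError that can be traced.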
@@ -136,7 +136,7 @@
   return true if Auth.always_ok?

   self.read_rule_id ||= permission_rule_id :read
-  return true if Auth.as_card.read_rules_hash[read_rule_id]
+  return true if Auth.as_card&.respond_to?(:read_rules_hash) && Auth.as_card.read_rules_hash&.[](read_rule_id)

   deny_because you_cant "read this"
 end
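Review bot: `Auth.as_card&.respond_to?(:read_rules_hash) && Auth.as_card.read_rules_hash&.[](read_rule_id)` makes every missing-method case fall through to `deny_because you_cant "read this"`, so reads are denied instead of erroring out; safe, but it silently masks why `read_rules_hash` is absent on the current card, which is the bug being chased in this thread. Suggest at least logging before the fallthrough, and note that the `&.` on `Auth.as_card` here is inconsistent with the plain `Auth.as_card.respond_to?(:among?)` used in the `permit` hunk; the two guards should treat a nil current user the same way.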

Now I can logout and login again with my password, without having to do a password reset to be logged in.

The signin page source shows 3 of these:

<span class="denied"><!-- Sorry, you don't have permission (read) --></span>

But the users table is still empty. Is this normal?

ethn commented 3 months ago

It's normal that the users table is empty. That table is legacy and will be deleted at Decko 1.0. All the user handling was long ago moved into cards.

The problem is that you are somehow authenticated with a card that is not an account holder. Can you figure out what kind of card it is? For example, you could add debugging like:

puts Card::Auth.as_card.name
puts Card::Auth.as_card.codename
puts Card::Auth.as_card.type_name

My guess is that this card would be "Decko Bot" (with the codename wagn_bot). If so it's very strange that this card would not have the account holder methods.

If we can resolve the authentication issue, decko update should run. If we are able to get decko update to run, the stylesheet problems will likely get resolved.

Sorry for the nuisance.

ethn commented 3 months ago

Come to think of it, this is probably related to the "salt" thing. Somehow the account methods are not being reached.

If you find a card that is supposed to be a user card that doesn't have the type "user", you can consider changing its type by going to bundle exec decko console and doing something like:

Card::Auth.as_bot { cardmark.card.update! type_id: :user.card_id }

... where cardmark is an id (Integer), name (String), or codename (Symbol).

If the problem is the DeckoBot card, we may have to correct the data in the database directly.

localhost commented 3 months ago

Thanks for your help, I really appreciate it!

Unregistered, index:

Started GET "/" for 10.42.0.11 at 2024-06-13 10:14:59 +0200
Processing by CardController#read as HTML
ok_to_read?
Anonymous
anonymous
RichText
permitted?
Anonymous
anonymous
RichText
ok_to_read?
Anonymous
anonymous
RichText
ok_to_read?
Anonymous
anonymous
RichText
ok_to_read?
Anonymous
anonymous
RichText
  Rendered text template (Duration: 0.0ms | Allocations: 1)
Completed 403 Forbidden in 25ms (Views: 0.3ms | Allocations: 9873)
Started GET "/favicon.ico" for 10.42.0.11 at 2024-06-13 10:14:59 +0200
Processing by CardController#read as */*
  Parameters: {"mark"=>"favicon"}
  Rendered text template (Duration: 0.1ms | Allocations: 1)
Completed 404 Not Found in 16ms (Views: 1.0ms | Allocations: 1880)

"Sign In"

Started GET "/favicon.ico" for 10.42.0.11 at 2024-06-13 10:14:59 +0200
Processing by CardController#read as */*
  Parameters: {"mark"=>"favicon"}
  Rendered text template (Duration: 0.1ms | Allocations: 1)
Completed 404 Not Found in 16ms (Views: 1.0ms | Allocations: 1880)
Started GET "/*signin/titled" for 10.42.0.11 at 2024-06-13 10:16:50 +0200
Processing by CardController#read as HTML
  Parameters: {"mark"=>"*signin", "view"=>"titled"}
ok_to_read?
Anonymous
anonymous
RichText
ok_to_read?
Anonymous
anonymous
RichText
ok_to_read?
Anonymous
anonymous
RichText
  Rendered text template (Duration: 0.0ms | Allocations: 1)
Completed 200 OK in 44ms (Views: 0.3ms | Allocations: 22812)

Successful login:

Started PATCH "/update/*signin" for 10.42.0.11 at 2024-06-13 10:17:29 +0200
Processing by CardController#update as HTML
  Parameters: {"utf8"=>"_", "success"=>{"redirect"=>"true", "mark"=>"/"}, "card"=>{"subcards"=>{"+*email"=>{"content"=>"alex@example.com", "type_id"=>"43"}, "+*password"=>"[FILTERED]"}}, "button"=>"", "mark"=>"*signin"}
permitted?
Anonymous
anonymous
RichText
Redirected to http://decko.example.com:3000/
Completed 303 See Other in 79ms (ActiveRecord: 24.6ms | Allocations: 18653)
Started GET "/" for 10.42.0.11 at 2024-06-13 10:17:29 +0200
Processing by CardController#read as HTML
  Rendered text template (Duration: 0.0ms | Allocations: 1)
Completed 200 OK in 219ms (Views: 0.3ms | ActiveRecord: 0.5ms | Allocations: 102341)
Started GET "/files/~445/1718130022.css" for 10.42.0.11 at 2024-06-13 10:17:30 +0200
Processing by CardController#read as CSS
  Parameters: {"explicit_file"=>true, "mark"=>"~445", "rev_id"=>"1718130022"}
Sent file /home/admin/plants/files/445/1718130022.css (0.2ms)
Completed 200 OK in 14ms (ActiveRecord: 0.0ms | Allocations: 3781)
Started GET "/files/~539/1718130012.js" for 10.42.0.11 at 2024-06-13 10:17:30 +0200
Processing by CardController#read as JS
  Parameters: {"explicit_file"=>true, "mark"=>"~539", "rev_id"=>"1718130012"}
Sent file /home/admin/plants/files/539/1718130012.js (0.1ms)
Completed 200 OK in 13ms (ActiveRecord: 0.0ms | Allocations: 3685)
Started GET "/files/~543/list.js" for 10.42.0.11 at 2024-06-13 10:17:30 +0200
Processing by CardController#read as JS
  Parameters: {"explicit_file"=>true, "mark"=>"~543", "rev_id"=>"list"}
Sent file /home/admin/plants/files/543/list.js (0.1ms)
Completed 200 OK in 9ms (ActiveRecord: 0.0ms | Allocations: 3682)
Started GET "/files/~552/search.js" for 10.42.0.11 at 2024-06-13 10:17:30 +0200
Processing by CardController#read as JS

...

Started GET "/files/:favicon/carrierwave-small.png" for 10.42.0.11 at 2024-06-13 10:17:30 +0200
Processing by CardController#read as PNG
  Parameters: {"explicit_file"=>true, "mark"=>":favicon", "rev_id"=>"carrierwave", "size"=>"small"}
Sent file /home/admin/.gem/ruby/3.3.2/gems/card-mod-carrierwave-0.17.0/data/files/favicon/image-small.png (0.4ms)
Completed 200 OK in 28ms (ActiveRecord: 0.0ms | Allocations: 3540)

When logged in, it doesn't seem to hit my puts. I'll try to gather a bit more information.

Addendum:

I just put it in ok? and my user's card name is alex, codename is empty, type is User.

localhost commented 3 months ago

Something different: I just got bitten by this: rubyworks/facets/issues/307, when I tried to add an image to a card using the menu option in the visual editor.

If I rename the method call in facets-3.1.0/lib/standard/facets/ostruct/initialize.rb from new_ostruct_member to new_ostruct_member!, it works. :)

localhost commented 3 months ago

Ok, this is strange. The CSS error seems to be gone since I fixed the ostruct thing. :four_leaf_clover:

ethn commented 3 months ago

Can you now run bundle exec decko update without error?

localhost commented 3 months ago

Yep, but that also worked previously, it just had no effect on the problems.

ethn commented 3 months ago

Ah, I think I misread an early comment.

I'm still a bit curious about that initial authentication error. Do you still have the #read_rules_hash error if you drop your respond_to? clause? I'm trying to figure out whether "Anonymous" or your own user card is the problem.

It's probably fine that you're not seeing the debugging after signing in if at that point you have an admin user and are probably bypassing the one-off permission checks with always_ok?.

But I'm now noticing that the permissions.rb code snippet you included doesn't look like 0.17 code. It should look like https://github.com/decko-commons/decko/blob/main/mod/permissions/set/all/permissions.rb (see #permit).

It's also surprising to me that this facets gem would cause problems for decko because it's not a gem that decko uses. Are you adding that (or something that depends on it) to your Gemfile?

localhost commented 3 months ago

Got it! It's the JS interpreter ducktape (used via execjs, which itself is required by coffee-script coming from activesupport), that imports facets/ostruct.

I just removed card-mod-permission and reinstalled it via gem install card-mod-permissions --version 0.17.0. It produces exactly the same diff output.

Also my local 0.17.0 is exactly the same as the refs/heads/main you linked.

I'm now using the unpatched permissions.rb from v0.17.0 and I also see the CSS when not logged in. Everything else works fine, too.

So it seems this was all related to the fact that Ruby 3.3.2 triggers the new_ostruct_member missing method exception from facets, which is used with the ducktape JS interpreter.

Well, it could be that originally the admin account wasn't set up completely, because the registration didn't go through. But this seems to have been fixed with your account event change from 0.17.0.

Maybe the constellation of the stars was also involved somehow. 😁