Closed sjwakeman closed 6 years ago
kwebster2
commented
7 years ago @ruthmesfun In addition to the wording, the test is too particular as to how this action should be coded. The tweet the test is trying to edit does not exist in the database, so if the student tries to find the tweet before checking whether or not the user is logged in, then they will get an ActiveRecord error, despite the fact that the action would work as expected in the browser.
DanielSeehausen
commented
6 years ago Thank you for spotting this issue and providing feedback. @sjwakeman thank you also @kwebster2 for raising an important point. In the interest of creating secure applications, we don't want anything being queried by users in our backends if they don't have the authorization to do so. Authentication should indeed happen before our database is hit.
We have updated the materials and believe your issue to have been resolved.
We apologize for any frustration you might have encountered during this process but thank you for helping us ensure that those who follow in your path will not encounter the same problems that you faced.
If you do not believe that this issue has been addressed, please re-open this issue. 💙
This error message appears to be strangely worded. Perhaps someone may want to review it and alter the choice of words used in the error message.
Thanks!