varvet / pundit

Minimal authorization through OO design and pure Ruby classes
MIT License

authorize is returning array with namespace, not just record #666

Closed jon-thompson closed 2 years ago

jon-thompson commented 3 years ago

What did you do?

From a Rails controller action that includes Pundit, project = authorize([:admin, Project.first]) as is done in the Pundit README.

What did you expect to happen?

After Pundit uses Admin::ProjectPolicy to authorize the current user's access to Project.first, I expected project to be Project.first.

What happened instead?

project was instead equal to [:admin, Project.first].

Make sure to include as much relevant information as possible. Ruby version, Pundit version, OS version and any stack traces you have are very valuable.

Ruby version 2.6.6
Pundit version 2.1.0
Mac OS 10.15.7

I see that master currently handles the namespace array properly, but the same method on version 2.1.0 just returns the array.

I validated that Pundit is finding the namespaced policy (Admin::ProjectPolicy) and using it correctly by throwing an exception when appropriate. This is simply an issue with the return value of authorize after a successful authorization using a namespaced policy.

Overall, I'm enjoying Pundit so far and would love to use this namespace shorthand, but until this is fixed, I'll need to explicitly pass the policy_class option or handle the returned array myself. Thanks for reading and in advance for any help on this!

stadia commented 3 years ago

So I wrote this controller method:

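def authorize(record, query = nil)
  # Authorize against the :api namespaced policy.
  record = super([:api, record], query)
  # Unwrap the [namespace, record] array that 2.1.0 returns.
  record.is_a?(Array) ? record.last : record
end

dgmstuart commented 2 years ago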

This was fixed in 2.1.1
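
A version-independent form of the workaround discussed in this thread, as an added example that is not part of the thread or of Pundit's own code: it keeps the caller's namespace, query and `policy_class`, lets a denial propagate, and unwraps the array only after a successful authorization. `LegacyAuthorize` is a hypothetical model of the 2.1.0 behaviour reported above, and `UnwrapAuthorized`, `ProjectsController`, `NotAuthorizedError`, `Project` and the policy are constructed stand-ins so the block runs without Rails or the pundit gem.

```ruby
# Constructed stand-ins so this runs without Rails or the pundit gem.
class NotAuthorizedError < StandardError; end
Project = Struct.new(:title)

module Admin
  class ProjectPolicy
    def initialize(user, record)
      @user = user
    end

    def update?
      @user == :admin
    end
  end
end

# Hypothetical model of the 2.1.0 behaviour reported above: the namespaced
# policy is resolved and enforced, but the argument is returned unchanged.
module LegacyAuthorize
  def authorize(record, query = nil, policy_class: nil)
    *namespace, target = record.is_a?(Array) ? record : [record]
    query ||= "#{action_name}?"
    policy_class ||= Object.const_get(
      [*namespace.map { |n| n.to_s.capitalize }, "#{target.class}Policy"].join("::")
    )
    allowed = policy_class.new(current_user, target).public_send(query)
    raise NotAuthorizedError, "not allowed to #{query}" unless allowed
    record
  end
end

# Version-independent wrapper: keeps the caller's namespace, query and
# policy_class, lets a denial propagate, and unwraps only on success.
module UnwrapAuthorized
  def authorize(record, query = nil, policy_class: nil)
    result = super(record, query, policy_class: policy_class)
    result.is_a?(Array) ? result.last : result
  end
end

class ProjectsController # constructed; stands in for a Rails controller
  include LegacyAuthorize
  include UnwrapAuthorized # included last, so it runs first and calls super
  attr_reader :current_user, :action_name

  def initialize(user, action_name = "update")
    @current_user = user
    @action_name = action_name
  end
end
```
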