Closed swhcgh closed 7 years ago
user_roles = @user.roles
user_roles.each do |role|
@user.remove_role(role.name)
end
# Add Roles that were checked
roles.each do |role|
@user.add_role(role)
end
lines 80-89 in the user_controller are the issue, not sure how to approach correcting the behavior though. users_roles doesn't seem to be directly accessible without having a model for it
Further testing:
Using destroy user WITHOUT telling the controller to remove the roles is fine, it removes the users_roles entries automatically. But updating a user with the intent of removing a role, while removing
#user_roles.each do |role|
#@user.remove_role(role.name)
#end
from the controller, does not work. It just adds the new role and leaves the old one in place.
BJ - I'm trying to write a script to add predefined roles and caps to the database. That part works fine. However: When you edit or delete a user, remove_role is not just updating the users_roles table. It also will delete that role completely if you delete the user IF that is the only user with that role. If you update the user, it will delete and then remake the role with the auto_incrementing id, again IF its the only user with that role. This is going to cause problems with having pre-defined caps imported, as if that role name is remade, those caps no longer are applicable.