zinc-collective / convene

An Operating System for the Solidarity Economy
https://convene.zinc.coop

Pundit::NotAuthorizedError: .... #1844

Closed sentry-io[bot] closed 7 months ago

sentry-io[bot] commented 7 months ago

Sentry Issue: CONVENE-25

Pundit::NotAuthorizedError: not allowed to edit? this Space (Pundit::NotAuthorizedError)
  app/controllers/spaces_controller.rb:68:in `block in space'
    authorize(space)
  app/controllers/spaces_controller.rb:67:in `space'
    end.tap do |space|
  app/controllers/spaces_controller.rb:59:in `space'
    @space ||= if params[:id]
  app/views/spaces/edit.html.erb:1:
    <% breadcrumb :edit_space, space %>
  app/models/neighborhood/time_zone_mixin.rb:7:in `set_time_zone'
    Time.use_zone(ENV.fetch("NEIGHBORHOOD_TIME_ZONE"), &block)
...
(125 additional frame(s) were not displayed)

sentry-io[bot] commented 7 months ago

Sentry issue: CONVENE-22

sentry-io[bot] commented 7 months ago

Sentry issue: CONVENE-24

zspencer commented 7 months ago

I'm going to stop sending these to Sentry now.

anaulin commented 7 months ago

@zspencer isn't it a real bug that we're showing someone the "edit" form / button but then not allowing them to actually perform the action? (or is this someone trying to break in somehow? i didn't look at the error in detail yet)

Yeah, no need to send our 404s to Sentry.

zspencer commented 7 months ago

Good question; I noticed a whole cluster of them come in, likely due to bookmarks; but I can double-check before I close.

zspencer commented 7 months ago

Yea, it looks like these are just bookmarks or what not; or our Sentry is not picking up multi-visit sessions.

anaulin commented 7 months ago

I am a tiny bit worried that it might be related to the bug Kelly reported here: https://github.com/zinc-collective/convene/issues/1841

zspencer commented 7 months ago

Yea, I don't think that's Pundit-related; because it would be 404ing instead of a success. I think it's more likely got to do with forms not quite submitting things right with http methods.
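
An added example, not code from the convene project or from this thread: one way to check whether a cluster of authorization denials like the one discussed above looks like stale bookmarks or deserves a closer look, using an application-side log of denied requests once the errors no longer go to Sentry. The record shape, the five-minute window and the threshold of four distinct paths are assumptions, and the sample records are constructed.

```ruby
require "time"

# Constructed sample of denied requests (actor, timestamp, path); not data from the thread.
DENIALS = [
  { actor: "user-17", at: "2023-10-02T09:00:05Z", path: "/spaces/garden/edit" },
  { actor: "user-17", at: "2023-10-03T09:01:10Z", path: "/spaces/garden/edit" },
  { actor: "user-42", at: "2023-10-02T11:00:00Z", path: "/spaces/a/edit" },
  { actor: "user-42", at: "2023-10-02T11:00:20Z", path: "/spaces/b/edit" },
  { actor: "user-42", at: "2023-10-02T11:00:41Z", path: "/spaces/c/edit" },
  { actor: "user-42", at: "2023-10-02T11:01:02Z", path: "/spaces/d/edit" }
].freeze

# Largest number of distinct paths denied to one actor within any `window` seconds.
def max_distinct_paths(events, window)
  sorted = events.sort_by { |e| e[:time] }
  sorted.map do |first|
    sorted.select { |e| e[:time] >= first[:time] && e[:time] - first[:time] <= window }
          .map { |e| e[:path] }.uniq.size
  end.max || 0
end

# Heuristic (assumed thresholds): a stale bookmark repeats one URL, often days apart;
# many different denied resources inside a short window is worth a human look.
def triage_denials(denials, window: 300, distinct_threshold: 4)
  parsed = denials.map { |d| d.merge(time: Time.iso8601(d[:at])) }
  parsed.group_by { |d| d[:actor] }.transform_values do |events|
    spread = max_distinct_paths(events, window)
    { denials: events.size,
      distinct_paths: spread,
      verdict: spread >= distinct_threshold ? :review : :likely_stale_link }
  end
end

if __FILE__ == $PROGRAM_NAME
  triage_denials(DENIALS).each do |actor, summary|
    puts "#{actor}: #{summary}"
  end
end
```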