[Admin] Ensure action_name is passed as symbol for cancancan authorization #5399

Merged

@rainerdema rainerdema commented Sep 29, 2023

Summary

In the context of implementing permissions in the Solidus Demo, we identified that action_name in string format doesn't align with CanCanCan's authorize! method expectations.

It needs to be in symbol format to be processed correctly.
This change ensures our authorization logic functions as intended even for the new solidus admin views.

Checklist

Check out our PR guidelines for more details.

The following are mandatory for all PRs:

The following are not always needed:

  • 📖 I have updated the README to account for my changes.
  • 📑 I have documented new code with YARD.
  • 🛣️ I have opened a PR to update the guides.
  • ✅ I have added automated tests to cover my changes.
  • 📸 I have attached screenshots to demo visual changes.
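
Why the string/symbol distinction described in the summary matters, as an added example that is not part of this PR or of CanCanCan's own code. `MiniAbility`, its alias table and the two roles are constructed for illustration; it assumes rules are stored as symbols and matched by equality, and it goes slightly beyond the PR by also showing the `cannot` case.

```ruby
# Simplified model of symbol-keyed rule matching (an assumption for
# illustration, not CanCanCan's source). Later rules take precedence.
class AccessDenied < StandardError; end

class MiniAbility
  ALIASES = { read: %i[index show] }.freeze # constructed alias table
  Rule = Struct.new(:allow, :actions, :subject)

  def initialize
    @rules = []
  end

  def can(action, subject)
    @rules << Rule.new(true, expand(action), subject)
  end

  def cannot(action, subject)
    @rules << Rule.new(false, expand(action), subject)
  end

  # The most recently defined matching rule decides; no match means denied.
  def can?(action, subject)
    rule = @rules.reverse.find do |r|
      r.subject == subject &&
        (r.actions.include?(:manage) || r.actions.include?(action))
    end
    rule ? rule.allow : false
  end

  def authorize!(action, subject)
    raise AccessDenied, "#{action.inspect} on #{subject}" unless can?(action, subject)
    true
  end

  private

  def expand(action)
    [action] + ALIASES.fetch(action, [])
  end
end

# Constructed roles: a read-only clerk, and a manager barred from destroy.
CLERK = MiniAbility.new.tap { |a| a.can(:read, :order) }
MANAGER = MiniAbility.new.tap { |a| a.can(:manage, :order); a.cannot(:destroy, :order) }

# Rails' action_name is a String, so pass it both raw and after to_sym.
def allowed?(ability, action)
  ability.authorize!(action, :order)
rescue AccessDenied
  false
end
```

In this model a raw string action is denied for the clerk even though `:read` covers `index`, while for the manager the `cannot :destroy` rule is skipped and `:manage` grants the action; calling `to_sym` on the action name restores the intended result in both cases.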

@rainerdema rainerdema self-assigned this Sep 29, 2023
@github-actions github-actions bot added changelog:solidus_core Changes to the solidus_core gem changelog:solidus Changes to the solidus meta-gem changelog:repository Changes to the repository not within any gem changelog:solidus_admin labels Sep 29, 2023
@rainerdema rainerdema force-pushed the rainerd/fix/cancancan-action-name-symbol branch from c2faa57 to ae16e5a Compare September 29, 2023 10:39
@github-actions github-actions bot removed changelog:solidus_core Changes to the solidus_core gem changelog:solidus Changes to the solidus meta-gem changelog:repository Changes to the repository not within any gem labels Sep 29, 2023
@rainerdema rainerdema changed the title [Admin] Ensure action_name is passed as symbol for cancancan authorization [Admin] Ensure action_name is passed as symbol for cancancan authorization Sep 29, 2023
@rainerdema rainerdema changed the base branch from nebulab/admin to main September 29, 2023 13:25
@rainerdema rainerdema force-pushed the rainerd/fix/cancancan-action-name-symbol branch 3 times, most recently from 14f9f83 to aa0a406 Compare September 29, 2023 16:46
@rainerdema rainerdema marked this pull request as ready for review September 29, 2023 16:47
@rainerdema rainerdema requested a review from a team as a code owner September 29, 2023 16:47
@rainerdema rainerdema requested a review from elia September 29, 2023 16:47
@rainerdema rainerdema force-pushed the rainerd/fix/cancancan-action-name-symbol branch from aa0a406 to b06342d Compare October 3, 2023 14:55
@rainerdema rainerdema requested a review from elia October 4, 2023 07:41

@elia elia left a comment

LGTM, just left a suggestion for adding some basic style to the error page

Comment on lines 1 to 2
<h1><%= t('solidus_admin.errors.authorization.access_denied.title') %></h1>
<p><%= t('solidus_admin.errors.authorization.access_denied.description') %></p>
Thoughts on adding some TW style to this so it fits in with the context?

@rainerdema rainerdema Oct 6, 2023

Great point! I've added some TW styling for padding and alignment to ensure it meshes well with the context:
Screenshot 2023-10-06 at 17 47 57

Let me know WDYT 🙌

@rainerdema rainerdema force-pushed the rainerd/fix/cancancan-action-name-symbol branch from b06342d to c155a5f Compare October 6, 2023 15:48
Fix CanCanCan authorization by converting action_name to symbol.
In the context of implementing permissions in the Solidus Demo, we identified
that `action_name` in string format doesn't align with
CanCanCan's `authorize!` method expectations.
It needs to be in symbol format to be processed correctly.
This change ensures our authorization logic functions as intended
also for the new solidus admin views.

Enhance the SolidusAdmin authorization mechanism to improve user
experience during unauthorized access attempts. Now, instead of
the previous behavior, users are redirected to a dedicated unauthorized
page when attempting to access a resource for which they do not have
permission.
@rainerdema rainerdema force-pushed the rainerd/fix/cancancan-action-name-symbol branch from c155a5f to dca1907 Compare October 6, 2023 15:54
@rainerdema rainerdema merged commit 218cc43 into solidusio:main Oct 6, 2023
2 checks passed
@rainerdema rainerdema deleted the rainerd/fix/cancancan-action-name-symbol branch October 6, 2023 16:05