Clicking pet when viewing adoption applications as adopter fosterer leads to unauthorized error #1056
Comments
|
Hi, Please let me know if I can be assigned to this task. |
|
@princekumarg12 all yours! |
|
@kasugaijin i found this while debugging There are two reasons for this bug:
|
|
Ah good catch! So we have this PR #1039 to remove the StaffAccount and replace it with Person model. Can you please check out that branch and see if the bug still happens on that branch? It might not be a bug in that branch. |
|
I checked out the branch 1034-replace-staffaccount and found that the issue still persists. |
|
Ah ok thank you! I think it would make sense to hang on until that branch #1039 is merged because we are changing the architecture around a bit, and I think that would impact this fix. |
|
FYI @princekumarg12 that branch mentioned above is now merged. Are you interested in pursuing this now? |
|
This issue is marked as stale due to no activity within 30 days. If no further activity is detected within 7 days, it will be unassigned. |
Reproduction steps:
[email protected]:123456Adoption ApplicationspageExpected behavior:
In theory I have already put in an application to adopt these pets, so I would expect to be directed to a page with information about that pet (either generic information or information on the application I made).
Actual behavior:
I see an error message flash that says "You are not authorized to perform this action."
In the logs, I see a request was sent to
GET /alta/adoptable_pets/1failed the policy check and resulted in a 302 redirect.I believe because this part of the expression returns
falseas the pet does have a match (the current user).The text was updated successfully, but these errors were encountered: