This is my first post here. Comments on style, etc., are appreciated.
An answer is even more appreciated.
This is a continuation of my question at
https://stackoverflow.com/questions/44856528/how-to-trace-a-html-button-non-event-rails-authorization-with-punditThe problem:
Figure 1:I have a form:
The first time I visit this page, everything seems to work. I can click on "Change Role" and update the appropriate row in the Postgres table. I can do it as many times as I like with no problems.
If I click on, for instance,
some...@yahoo.com (highlighted in yellow), I get to the following page:
Figure 2:The above is just fine.
If I click on Users on the upper right, I return to the webage denoted as Figure 1.
Now things get, hmm, (un)interesting.
When I click on Change Role, nothing happens.
I have hooked up Wireshark and I am almost 100% sure I see no Post going out when I click on Change Role. I am pretty sure I see no outbound http when I click on Change Role
If I refresh the page, Change Role starts working again!
I am clueless where to look or what is going on.
app/controllers/users_controller.rb
class UsersController < ApplicationController # See https://stackoverflow.com/questions/16519828/rails-4-before-filter-vs-before-action
# "As we can see in ActionController::Base, before_action is just a new syntax for before_filter"
before_action :ralph_before_action
after_action :ralph_after_action
before_filter :authenticate_user!
after_action :verify_authorized
def index
# byebug if ralph_test_byebug
@users = User.all
authorize User
end
def show
byebug if ralph_test_byebug
@user = User.find(params[:id])
authorize @user
end
def update
# byebug # if ralph_test_byebug
@user = User.find(params[:id])
authorize @user
byebug # if ralph_test_byebug
if @user.update_attributes(secure_params)
redirect_to users_path, :notice => "User updated."
else
redirect_to users_path, :alert => "Unable to update user."
end
end
def destroy
user = User.find(params[:id])
authorize user
user.destroy
redirect_to users_path, :notice => "User deleted."
end
private
def secure_params
params.require(:user).permit(:role)
end
def ralph_before_action
# byebug
xyz=123
end
def ralph_after_action
# byebug
xyz=123
end
end
app/views/users/index.html.erb
<div class="bigbox">
<div class="box">
<table class="table-minimal">
<tbody>
<% @users.each do |user| %>
<tr>
<%= render user %>
</tr>
<% end %>
</tbody>
</table>
</div>
</div>
app/views/users/_user.html.erb
<td>
<%= link_to user.email, user %>
</td>
<td>
<%= form_for(user) do |f| %>
<%= f.select(:role, User.roles.keys.map {|role| [role.titleize,role]}) %>
<td>
<button><%= f.submit 'Change Role' %></button>
</td>
<% end %>
</td>
<td>
<%= link_to("Delete user", user_path(user), :data => { :confirm => "Are you sure?" }, :method => :delete, :class => 'button') unless user == current_user %>
</td>