How to trace a html button non-event? (Rails Authorization With Pundit)

[Ralph Shnelvar]

This is my first post here.  Comments on style, etc., are appreciated.

An answer is even more appreciated.

This is a continuation of my question at https://stackoverflow.com/questions/44856528/how-to-trace-a-html-button-non-event-rails-authorization-with-pundit

The problem:

Figure 1:
I have a form:

The first time I visit this page, everything seems to work. I can click on "Change Role" and update the appropriate row in the Postgres table.  I can do it as many times as I like with no problems.


If I click on, for instance, some...@yahoo.com (highlighted in yellow), I get to the following page:
Figure 2:

The above is just fine.

If I click on Users on the upper right, I return to the webage denoted as Figure 1.



Now things get, hmm, (un)interesting.

When I click on Change Role, nothing happens. 

I have hooked up Wireshark and I am almost 100% sure I see no Post going out when I click on Change Role.  I am pretty sure I see no outbound http when I click on Change Role

If I refresh the page, Change Role starts working again!

I am clueless where to look or what is going on.


app/controllers/users_controller.rb

class UsersController < ApplicationController  # See https://stackoverflow.com/questions/16519828/rails-4-before-filter-vs-before-action
  #   "As we can see in ActionController::Base, before_action is just a new syntax for before_filter"
  before_action :ralph_before_action
  after_action  :ralph_after_action
 
  before_filter :authenticate_user!
  after_action :verify_authorized

  def index
    # byebug if ralph_test_byebug
    @users = User.all
    authorize User
  end

  def show
    byebug if ralph_test_byebug
    @user = User.find(params[:id])
    authorize @user
  end

  def update
    # byebug # if ralph_test_byebug
    @user = User.find(params[:id])
    authorize @user
    byebug # if ralph_test_byebug
    if @user.update_attributes(secure_params)
      redirect_to users_path, :notice => "User updated."
    else
      redirect_to users_path, :alert => "Unable to update user."
    end
  end

  def destroy
    user = User.find(params[:id])
    authorize user
    user.destroy
    redirect_to users_path, :notice => "User deleted."
  end

  private

  def secure_params
    params.require(:user).permit(:role)
  end
 
  def ralph_before_action
    # byebug
    xyz=123
  end
 
  def ralph_after_action
    # byebug
    xyz=123
  end

end

app/views/users/index.html.erb

<div class="bigbox">
  <div class="box">
    <table class="table-minimal">
      <tbody>
        <% @users.each do |user| %>
          <tr>
            <%= render user %>
          </tr>
        <% end %>
      </tbody>
    </table>
  </div>
</div>

app/views/users/_user.html.erb

<td>
  <%= link_to user.email, user %>
</td>
<td>
  <%= form_for(user) do |f| %>
    <%= f.select(:role, User.roles.keys.map {|role| [role.titleize,role]}) %>
    <td>
    <button><%= f.submit 'Change Role' %></button>
    </td>
  <% end %>
</td>
<td>
  <%= link_to("Delete user", user_path(user), :data => { :confirm => "Are you sure?" }, :method => :delete, :class => 'button') unless user == current_user %>
</td>

[j...@room118solutions.com]

Hey Ralph,

The code that you posted looks good to me.  This feels like a Turbolinks issue since it goes away after a refresh - are you using Turbolinks?  If so, try disabling it.

If that doesn't work or isn't applicable, it might help if you could reproduce the issue somewhere like http://code.runnable.com

Jim

[Ralph Shnelvar]

May all the gods of all the religions bless you, your house, your family, your extended family, and your friends with health, happiness, long life, and great wealth.

Jesus, I spent an entire week on this!!!

Do you know of a document or link that explains how Turbolinks works?

Ralph

[j...@room118solutions.com]

Hey Ralph,

Happy to help!  The readme is a great resource: https://github.com/turbolinks/turbolinks

Jim