if_permitted_to needs to infer the context to check the permission against.
In your case, you might try to set it explicitly with
has_permission_on :fruits, :to => :manage
has_permission_on :events, :to => :manage do
if_permitted_to :read, :eventable, :context => :fruits
if_permitted_to :read, :eventable, :context => :snacks
end
cf. http://www.tzi.org/~sbartsch/declarative_authorization/master/Authorization/Reader/AuthorizationRulesReader.html#method-i-
if_permitted_to
Else, it might be an error in the handling of polymorphic associations.
Maybe we should then rather take this to the issues tracker on Github.
Can you post the error stack there?
Steffen
You have a nil object when you didn't expect it! You might have expected an instance of Array. The error occurred while evaluating nil.length
And the Full Trace looks like:declarative_authorization (0.5.5) lib/declarative_authorization/obligation_scope.rb:120:in `follow_comparison' declarative_authorization (0.5.5) lib/declarative_authorization/obligation_scope.rb:87:in `follow_path' declarative_authorization (0.5.5) lib/declarative_authorization/obligation_scope.rb:81:in `each' declarative_authorization (0.5.5) lib/declarative_authorization/obligation_scope.rb:81:in `follow_path' declarative_authorization (0.5.5) lib/declarative_authorization/obligation_scope.rb:69:in `parse!' declarative_authorization (0.5.5) lib/declarative_authorization/in_model.rb:76:in `obligation_scope_for' declarative_authorization (0.5.5) lib/declarative_authorization/in_model.rb:75:in `each' declarative_authorization (0.5.5) lib/declarative_authorization/in_model.rb:75:in `obligation_scope_for' declarative_authorization (0.5.5) lib/declarative_authorization/in_model.rb:124:in `with_permissions_to' activerecord (3.1.3) lib/active_record/relation.rb:455:in `send' activerecord (3.1.3) lib/active_record/relation.rb:455:in `method_missing' activerecord (3.1.3) lib/active_record/relation.rb:180:in `scoping' activerecord (3.1.3) lib/active_record/base.rb:1196:in `with_scope' activerecord (3.1.3) lib/active_record/relation.rb:180:in `send' activerecord (3.1.3) lib/active_record/relation.rb:180:in `scoping' activerecord (3.1.3) lib/active_record/relation.rb:455:in `method_missing' app/models/event.rb:23:in `my_events'
If I leave out the context then I get the expected context issue:
declarative_authorization (0.5.5) lib/declarative_authorization/authorization.rb:459:in `obligations'
declarative_authorization (0.5.5) lib/declarative_authorization/authorization.rb:238:in `obligations'
declarative_authorization (0.5.5) lib/declarative_authorization/authorization.rb:237:in `collect'
declarative_authorization (0.5.5) lib/declarative_authorization/authorization.rb:237:in `obligations'
declarative_authorization (0.5.5) lib/declarative_authorization/in_model.rb:75:in `obligation_scope_for'
declarative_authorization (0.5.5) lib/declarative_authorization/in_model.rb:124:in `with_permissions_to'
Am I doing something wrong or is this still broken in d_a? I'm happy to work with you to get this solved!
Thanks,
-derek