Fix Paginating, Sorting, and Searching Issues Within "Research Outputs" Tab #938
Conversation
Search by `research_outputs.title` (case-insensitive)
| # Same @research_outputs assignment as app/controllers/research_outputs_controller.rb | ||
| @research_outputs = ResearchOutput.includes(:repositories).where(plan_id: @plan.id) | ||
| # Same authorize handling as app/controllers/research_outputs_controller.rb | ||
| authorize @research_outputs.first || ResearchOutput.new(plan_id: @plan.id) |
There was a problem hiding this comment.
I see this authorize handling on app/controllers/research_outputs_controller.rb. Why are we creating a new ResearchOutput if we cannot find one ?
There was a problem hiding this comment.
In the case of app/controllers/research_outputs_controller.rb:
If I only use authorize @research_outputs.first, I encounter the following if the plan has no research_outputs:
Pundit::NotDefinedError - unable to find policy `NilClassPolicy` for `nil`:
app/controllers/research_outputs_controller.rb:17:in `index'
If I use authorize @research_outputs.first if @research_outputs.first.present?, I encounter the following if the plan has no research_outputs:
Pundit::AuthorizationNotPerformedError at /plans/14224/research_outputs
ResearchOutputsController
However, it may be the case that there is always at least one research output when app/controllers/paginable/research_outputs_controller.rb is called. But it might still be safest to keep authorize @research_outputs.first || ResearchOutput.new(plan_id: @plan.id)? (I could at least add a comment explaining this a bit).
There was a problem hiding this comment.
A comment would be good. Also add the method call parenthesis to clarify the expected order.
There was a problem hiding this comment.
However, it may be the case that there is always at least one research output when
app/controllers/paginable/research_outputs_controller.rbis called. But it might still be safest to keepauthorize @research_outputs.first || ResearchOutput.new(plan_id: @plan.id)? (I could at least add a comment explaining this a bit).
I guess || ResearchOutput.new(plan_id: @plan.id) prevents Pundit::NotDefinedError when a direct GET /paginable/plans/:id/research_outputs request is made on a plan with 0 research_outputs.
There was a problem hiding this comment.
A comment would be good. Also add the method call parenthesis to clarify the expected order.
Cool, I made one more commit addressing this.
| @plan = Plan.find_by(id: params[:plan_id]) | ||
| # Same @research_outputs assignment as app/controllers/research_outputs_controller.rb | ||
| @research_outputs = ResearchOutput.includes(:repositories).where(plan_id: @plan.id) |
There was a problem hiding this comment.
Do we need @plan and @research_outputs to be instance variables?
There was a problem hiding this comment.
There is a corresponding app/views/paginable/research_outputs/_index.html.erb. That file has usage of @plan, but I think @research_outputs can be changed to research_outputs.
|
|
||
| # GET /paginable/plans/:plan_id/research_outputs | ||
| def index | ||
| @plan = Plan.find_by(id: params[:plan_id]) |
There was a problem hiding this comment.
Do we need to authorize by plan ? Something like
roadmap/app/controllers/paginable/contributors_controller.rb
Lines 14 to 15 in 60f89e6
We would need to add an application policy on app/policies/paginable/
There was a problem hiding this comment.
app/policies/research_output_policy.rb might be taking care of this. Here's a bit of that file's contents:
def index?
@research_output.plan.readable_by?(@user.id)
end
def new?
@research_output.plan.administerable_by?(@user.id)
end
def edit?
@research_output.plan.administerable_by?(@user.id)
end
def create?
@research_output.plan.administerable_by?(@user.id)
endThe corresponding view, `app/views/paginable/research_outputs/_index.html.erb`, uses `scope` rather than `@research_outputs`.
Fixes #935
Changes proposed in this PR:
scope :searchtoResearchOutputmodel: e289fbaresearch_outputs.title(case-insensitive)app/controllers/paginable/research_outputs_controller.rb3c5a478/plans/:plan_id/research_outputspage:research_outputs.titlematches)