From d2e9ff363b657f3fad37be3b56aa418903e6dda6 Mon Sep 17 00:00:00 2001 From: evazion Date: Thu, 29 Dec 2016 15:45:23 -0600 Subject: [PATCH 1/2] Fix bug preventing Platinum users from commenting. Bug: Platinum users get this error when commenting: No route matches {:action=>"show", :controller=>"posts", :id=>nil} missing required keys: [:id] Fix: The issue was that `CurrentUser.role` was nil for Platinum users, which caused `Comment.create(create_params, :as => CurrentUser.role)` to silently ignore the create_params because the nil role wasn't in the attr_accessible whitelist. Despite this, things worked accidentally for other models because they had `attr_accessible ..., :as => [:default]` in their whitelists where the comment model didn't. --- app/models/user.rb | 3 +++ 1 file changed, 3 insertions(+) diff --git a/app/models/user.rb b/app/models/user.rb index c1ca34e91..ee79c53de 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -369,6 +369,9 @@ class User < ActiveRecord::Base when Levels::GOLD :gold + when Levels::PLATINUM + :platinum + when Levels::BUILDER :builder From 6645847857bf4afce3fc04ecc57a3cba1a404125 Mon Sep 17 00:00:00 2001 From: evazion Date: Thu, 29 Dec 2016 15:56:48 -0600 Subject: [PATCH 2/2] Simplify User#role. --- app/models/user.rb | 23 +---------------------- 1 file changed, 1 insertion(+), 22 deletions(-) diff --git a/app/models/user.rb b/app/models/user.rb index ee79c53de..0e895a1c6 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -362,28 +362,7 @@ class User < ActiveRecord::Base end def role - case level - when Levels::MEMBER - :member - - when Levels::GOLD - :gold - - when Levels::PLATINUM - :platinum - - when Levels::BUILDER - :builder - - when Levels::MODERATOR - :moderator - - when Levels::JANITOR - :janitor - - when Levels::ADMIN - :admin - end + level_string.downcase.to_sym end def level_string_was