Zhang Zhang - 4 months ago 45
Ruby Question

Pundit::NotDefinedError: unable to find policy `UserPolicy`

I must be doing something wrong or I need glasses. I am following this tutorial here:

http://vaidehijoshi.github.io/blog/2015/09/29/using-pundit-the-cool-kid-of-authorization/

I've created the

application_policy.rb
file and
user_policy.rb
files inside the
app/policies
folder as instructed.

Pundit doesn't seem to detect my UserPolicy file inside
IntegrationTests
.

My Setup




  • Ruby on Rails 5 RC1

  • Ruby 2.2.4p230

  • Knock gem for JWT authentication

  • Pundit 1.1.0



user_policy.rb



class UserPolicy < ApplicationPolicy
def update?
user == resource
end
end


In my UserController, I have the defined REST API actions. Currently, I'm just testing the "update" action:

UsersController



def update
user = User.find_by({id: params[:id]})

authorize user

render json: { error: "Failed to find" }, status: :not_found and return unless user

if user.update!(user_params)
render json: user
else
render json: { error: "Not found" }, status: :not_found
end
end


users_controller_test.rb



test "update other user's data should raise NotAuthorized exception" do
@user_two = users(:two)

put user_path(@user_two.id), params: { first_name: "Jim" }, headers: @authorization_header
assert_response :success # forcing fail test for now to test plumbing
end


I am getting the following errors:

.E

Error:
UsersControllerTest#test_update_other_user's_data_should_raise_NotAuthorized_exception:
Pundit::NotDefinedError: unable to find policy `UserPolicy` for `#<User id: 298486374, first_name: "MyString", last_name: "MyString", email: "MyString", password_digest: "MyString", created_at: "2016-05-27 13:30:07", updated_at: "2016-05-27 13:30:07", role_id: nil>`
app/controllers/users_controller.rb:42:in `update'
test/controllers/users_controller_test.rb:60:in `block in <class:UsersControllerTest>'


Any ideas what I might be doing wrong?

Edit



If it's any help, my UserControllerTest file looks like this:

require 'test_helper'

class UsersControllerTest < ActionDispatch::IntegrationTest
def authenticate
token = Knock::AuthToken.new(payload: { sub: users(:one).id }).token
@authorization_header = { HTTP_AUTHORIZATION: "Bearer #{token}" }
end

setup do
# load "#{Rails.root}/db/seeds.rb"
Rails.application.load_seed
authenticate
@user = users(:one)
end

test "logged in user should return ok" do
get users_path, headers: @authorization_header
assert_response :ok
end

test "not logged in user should return unauthorized" do
get users_path
assert_response :unauthorized
end

test "user json should not contain password_digest" do
get user_path(@user.id), headers: @authorization_header
assert_response :ok
json = JSON.parse(response.body)
assert json.key?("password_digest") == false
end

test "create user without authorization header should return created" do
user = {
first_name: "Bob",
last_name: "Brown",
email: "bob@gmail.com",
password: "abc",
password_confirmation: "abc"
}

post users_path, params: user
assert_response :created
json = JSON.parse(response.body)
assert !json.empty?
end

test "update user should return ok" do
put user_path(@user.id), params: { first_name: "Bob"}, headers: @authorization_header
assert_response :ok

updated_user = User.find_by({id: @user.id})

assert_equal "Bob", updated_user.first_name
end

test "update other user's data should raise NotAuthorized exception" do
@user_two = users(:two)

put user_path(@user_two.id), params: { first_name: "Jim" }, headers: @authorization_header
assert_response :success
end

test "delete user shoudl return ok" do
assert_difference "User.count", -1 do
delete user_path(@user.id), headers: @authorization_header
end
end
end


All my tests were passing before I added the Pundit stuff an hour ago.

Answer

Okay....I don't know what the heck happened but apparently, I quit all my Mac terminal AND Atom IDE where I typed my code.

Then I opened my terminal and did a rails test command again, and this time it worked:

....E

Error:
UsersControllerTest#test_update_other_user's_data_should_raise_NotAuthorized_exception:
Pundit::NotAuthorizedError: not allowed to update? this #<User id: 298486374, first_name: "MyString", last_name: "MyString", email: "MyString", password_digest: "MyString", created_at: "2016-05-27 15:19:51", updated_at: "2016-05-27 15:19:51", role_id: nil>
    app/controllers/users_controller.rb:42:in `update'
    test/controllers/users_controller_test.rb:60:in `block in <class:UsersControllerTest>'

Bizarre...

TL;DR

  1. Quit your IDE and Terminal
  2. Reopen your Terminal, then try again
Comments