CanCanCommunity
inconsistent behaviour with Hash subjects
Hi everyone, I'm having a few issues using cancancan with graphql-ruby, I've opened a issue on that project too but I'm here to ask if this is the expected behaviour and if you can suggest a way to handle it.
When I check permissions this hash:
{
search: Search.new, # an active record model
configuration: { my_field: 1 }
}
I receive the hash inside the Ability block that should check permissions on the Search type
can :read, Search do |search|
# search is a Hash instead of a Search
end
because the code is changing the subject using subject = subject.values.first if subject.class == Hash but it passes the old subject to the validation block
Steps to reproduce
this code shows the issue, it will print Hash since we are receiving a Hash instead of a Search
class Search < ActiveRecord::Base
end
class Ability
include CanCan::Ability
attr_accessor :user
def initialize
can :read, Search do |search|
puts search.class
true
end
end
end
Ability.new.can?(:read, { search: Search.new, configuration: {field: 'hello' }})
Expected behavior
I expected the can :read, Search to be called with a Search
Actual behavior
can :read, Search is being called with a Hash
System configuration
Rails version: 6.1.7
Ruby version: 3.0.2
CanCanCan version cancancan 3.4.0
