Skip to content

Fix event rating favoriting (my_rating always null for JWT users)#11621

Merged
nbudin merged 11 commits into
mainfrom
nbudin/issue11614
Jun 7, 2026
Merged

Fix event rating favoriting (my_rating always null for JWT users)#11621
nbudin merged 11 commits into
mainfrom
nbudin/issue11614

Conversation

@nbudin

@nbudin nbudin commented Jun 7, 2026

Copy link
Copy Markdown
Contributor

Summary

  • EventRatingPolicy#read? was delegating to manage?, which had a blanket return false if doorkeeper_token check. Since the SPA authenticates via JWT bearer tokens (which Doorkeeper treats as OAuth tokens), my_rating always returned nil for logged-in users. The rating was being saved correctly, but the mutation response contained my_rating: null, which Apollo wrote into its normalized cache — leaving the star unselected and the rating invisible until a hard reload (which still showed null for the same reason).
  • Fixed read? to gate on oauth_scope?(:read_signups) and manage? to gate on oauth_scope?(:manage_signups), consistent with how other personal-data policies in the codebase work. The SPA already requests both scopes at login, so no forced re-auth is needed.
  • Also changed the EventRating dataloader source to query EventRating.where(user_con_profile:, ...) directly rather than through the AR association proxy, which is a cleaner pattern for dataloader sources.
  • Updated read_signups and manage_signups scope descriptions in en.json to mention favorites and queues.

Test plan

  • Log in to a convention and click the favorite star on an event — star should turn gold immediately without a page reload
  • Reload the page — star should remain gold
  • Click the clear button — star should clear immediately
  • Verify bundle exec ruby -Itest test/policies/event_rating_policy_test.rb test/graphql/mutations/rate_event_test.rb passes

Fixes #11614

🤖 Generated with Claude Code

nbudin and others added 4 commits June 7, 2026 09:44
…scope handling

The RateEvent mutation was saving ratings correctly, but the mutation response
always returned my_rating: null for SPA users because EventRatingPolicy#read?
was blocking all OAuth/bearer token requests (the SPA uses JWT bearer tokens).
Apollo would then write my_rating: null into its normalized cache, leaving the
star unselected.

- EventRatingPolicy#read? now gates on oauth_scope?(:read_signups) instead of
  blanket-blocking all doorkeeper tokens; manage? gates on manage_signups
- The Scope class follows the same pattern for read_signups
- EventRating dataloader source now queries EventRating.where(user_con_profile:)
  directly rather than through the AR association proxy
- Updated scope descriptions in en.json to mention favorites and queues
- Added mutation tests and updated policy tests with proper FakeToken helpers

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
MockLink is a class, not a namespace; MockedResponse must be imported directly
from @apollo/client/testing.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
The comma was in the wrong place — wait: 30 was being passed as the
assert failure message rather than as a Capybara timeout option,
so the navbar check was timing out at the default ~2s.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
@nbudin nbudin added bug patch Bumps the patch version number on release labels Jun 7, 2026
nbudin and others added 7 commits June 7, 2026 10:33
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
prettyprint and other vendored gems emit "literal string will be frozen
in the future" warnings on Ruby 4.0. Warning[:performance] = false
silences them before any requires run.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
…frozen string warnings

Warning[:performance] = false does not suppress the prettyprint "literal
string will be frozen" warning in practice — the warning isn't routed
through that category. Overriding Warning#warn directly is reliable
regardless of Ruby version or warning category.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
The prettyprint 0.2.0 gem on RubyGems was published without
frozen_string_literal: true, but the v0.2.0 tag on GitHub has it.
Pointing Bundler at the git tag uses the correct version and eliminates
the Ruby 4.0 warnings without needing to intercept Warning#warn globally.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Browser console messages were empty on the page weight flake because
Chrome timed out before any JS ran. Logging the URL and page source
should reveal whether the issue is a Rails error, blank page, etc.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
… test

Ferrum's default timeout is 5s. The root path "/" triggers a CMS root_page
DB lookup that doesn't happen for /events/... paths; on a slow CI runner
(after multiple truncations) this can silently time out, leaving Chrome at
about:blank. Two fixes:
- Raise Ferrum timeout to 30s so navigation errors surface properly
- Retry visit "/" once if Chrome is still at about:blank after the first attempt

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
@github-actions

github-actions Bot commented Jun 7, 2026

Copy link
Copy Markdown
Contributor

Code Coverage Report: Only Changed Files listed

Package Base Coverage New Coverage Difference
app/graphql/mutations/rate_event.rb 🟠 60% 🟢 100% 🟢 40%
app/javascript/EventRatings/EventRatingIcon.tsx 🔴 0% 🟢 86.67% 🟢 86.67%
app/javascript/EventRatings/RateEventControl.tsx 🔴 0% 🟢 100% 🟢 100%
app/javascript/EventRatings/mutations.generated.ts 🔴 0% 🟢 100% 🟢 100%
app/javascript/EventRatings/useRateEvent.ts 🔴 0% 🟢 100% 🟢 100%
app/policies/event_rating_policy.rb 🟠 75% 🟢 78.57% 🟢 3.57%
test/graphql/mutations/rate_event_test.rb 🔴 0% 🟢 100% 🟢 100%
test/system/page_weight_test.rb 🟢 96.3% 🟢 96.43% 🟢 0.13%
Overall Coverage 🟢 52.84% 🟢 53.01% 🟢 0.17%

Minimum allowed coverage is 0%, this run produced 53.01%

@nbudin nbudin merged commit 44161d6 into main Jun 7, 2026
25 of 27 checks passed
@nbudin nbudin deleted the nbudin/issue11614 branch June 7, 2026 18:21
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

bug patch Bumps the patch version number on release

Projects

None yet

Development

Successfully merging this pull request may close these issues.

Favoriting/unfavoriting UI behavior is broken

1 participant