From 070bb0c3687d4f3ec26e43dedffb84e003c9618d Mon Sep 17 00:00:00 2001
From: Devin Howard <devin@callysto.com>
Date: Tue, 25 Oct 2016 11:39:34 +0800
Subject: [PATCH] use a transaction to handle authorization vs invalid record
 in synapse controller

---
 app/controllers/synapses_controller.rb | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/app/controllers/synapses_controller.rb b/app/controllers/synapses_controller.rb
index e0b8f727..1f4f5b52 100644
--- a/app/controllers/synapses_controller.rb
+++ b/app/controllers/synapses_controller.rb
@@ -22,10 +22,15 @@ class SynapsesController < ApplicationController
     @synapse = Synapse.new(synapse_params)
     @synapse.desc = '' if @synapse.desc.nil?
     @synapse.desc.strip! # no trailing/leading whitespace
-    authorize @synapse
+
+    success = nil
+    ActiveRecord::Base.transaction do
+      success = @synapse.save
+      success ? authorize(@synapse) : skip_authorization
+    end
 
     respond_to do |format|
-      if @synapse.save
+      if success
         format.json { render json: @synapse, status: :created }
       else
         format.json { render json: @synapse.errors, status: :unprocessable_entity }