
Revert "Add current user to Thread for request-scoped user access"

This reverts commit 2bd97b2a87.
pull/2646/head
Manny Dinssa 2 years ago
parent
commit
5e0acec55a
  1. 5
      app/controllers/application_controller.rb
  2. 2
      app/controllers/users_controller.rb
  3. 4
      app/helpers/filters_helper.rb
  4. 2
      app/models/lettings_log.rb
  5. 2
      app/models/log.rb
  6. 14
      app/models/user.rb

5
app/controllers/application_controller.rb

@ -5,7 +5,6 @@ class ApplicationController < ActionController::Base
before_action :check_maintenance_status
before_action :set_paper_trail_whodunnit
before_action :set_current_user
def check_maintenance_status
if FeatureToggle.service_moved?
@ -42,8 +41,4 @@ protected
def byte_order_mark
"\uFEFF"
end
def set_current_user
Thread.current[:current_user] = current_user
end
end

2
app/controllers/users_controller.rb

@ -33,7 +33,7 @@ class UsersController < ApplicationController
end
def search
users = User.visible.search_by(params["query"]).limit(20)
users = User.visible_to_user(current_user).search_by(params["query"]).limit(20)
user_data = users.each_with_object({}) do |user, hash|
hash[user.id] = { value: user.name, hint: user.email }

4
app/helpers/filters_helper.rb

@ -112,7 +112,7 @@ module FiltersHelper
def assigned_to_filter_options(filter_type)
if applied_filters(filter_type)["assigned_to"] == "specific_user" && applied_filters(filter_type)["user"].present?
user_id = applied_filters(filter_type)["user"]
selected_user = User.visible.where(id: user_id)&.first
selected_user = User.visible_to_user(current_user).where(id: user_id)&.first
return [OpenStruct.new(id: selected_user.id, name: selected_user.name, hint: selected_user.email)] if selected_user.present?
end
@ -306,7 +306,7 @@ private
return "You" if session_filters["assigned_to"].include?("you")
user_id = session_filters["user"].to_i
selected_user_option = User.visible.where(id: user_id)&.first
selected_user_option = User.visible_to_user(current_user).where(id: user_id)&.first
return unless selected_user_option
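Review bot: Both lookups use `.where(id: user_id)&.first`, where the `&.` does nothing because `where` always returns a relation. `User.visible_to_user(current_user).find_by(id: user_id)` reads more directly and still returns nil when the id is outside the caller's visible set. The two call sites also treat the filter value differently: the private method near line 306 coerces it with `.to_i`, while `assigned_to_filter_options` passes `applied_filters(filter_type)["user"]` straight through, so it would be worth using the same coercion in both. Both methods start or end outside the hunks shown.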

2
app/models/lettings_log.rb

@ -132,7 +132,7 @@ class LettingsLog < Log
illness_type_10: false)
}
scope :filter_by_user_text_search, ->(param, _user) { where(assigned_to: User.visible.search_by(param)) }
scope :filter_by_user_text_search, ->(param, user) { where(assigned_to: User.visible_to_user(user).search_by(param)) }
scope :filter_by_owning_organisation_text_search, ->(param, _user) { where(owning_organisation: Organisation.search_by(param)) }
scope :filter_by_managing_organisation_text_search, ->(param, _user) { where(managing_organisation: Organisation.search_by(param)) }
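Review bot: `filter_by_user_text_search` is defined here with the same body as the one in app/models/log.rb, and the hunk header shows `LettingsLog < Log`, so this copy looks redundant. The scope now carries the per-user visibility restriction, so two copies can drift and leave one log type matching against a wider set of users. Dropping the LettingsLog definition and relying on the inherited one would avoid that, unless something outside these hunks needs the override. The `user` parameter is also required here, unlike `_user = nil` on the neighbouring Log scopes, and a nil value fails inside `visible_to_user`; a comment such as `# user is required: matches are limited to users this user may see` above the scope would state that contract.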

2
app/models/log.rb

@ -53,7 +53,7 @@ class Log < ApplicationRecord
scope :filter_by_organisation, ->(org, _user = nil) { where(owning_organisation: org).or(where(managing_organisation: org)) }
scope :filter_by_owning_organisation, ->(owning_organisation, _user = nil) { where(owning_organisation:) }
scope :filter_by_managing_organisation, ->(managing_organisation, _user = nil) { where(managing_organisation:) }
scope :filter_by_user_text_search, ->(param, _user) { where(assigned_to: User.visible.search_by(param)) }
scope :filter_by_user_text_search, ->(param, user) { where(assigned_to: User.visible_to_user(user).search_by(param)) }
scope :filter_by_owning_organisation_text_search, ->(param, _user) { where(owning_organisation: Organisation.search_by(param)) }
scope :filter_by_managing_organisation_text_search, ->(param, _user) { where(managing_organisation: Organisation.search_by(param)) }

14
app/models/user.rb

@ -6,10 +6,6 @@ class User < ApplicationRecord
devise :database_authenticatable, :recoverable, :rememberable,
:trackable, :lockable, :two_factor_authenticatable, :confirmable, :timeoutable
def self.current
Thread.current[:current_user]
end
# Marked as optional because we validate organisation_id below instead so that
# the error message is linked to the right field on the form
belongs_to :organisation, optional: true
@ -88,14 +84,8 @@ class User < ApplicationRecord
scope :not_signed_in, -> { where(last_sign_in_at: nil, active: true) }
scope :deactivated, -> { where(active: false) }
scope :active_status, -> { where(active: true).where.not(last_sign_in_at: nil) }
scope :visible, lambda {
current_user = User.current
if current_user&.support?
where(discarded_at: nil)
else
where(discarded_at: nil).where(organisation: current_user.organisation.child_organisations + [current_user.organisation])
end
}
scope :visible, -> { where(discarded_at: nil) }
scope :visible_to_user, ->(user) { user.support? ? visible : visible.where(organisation: user.organisation.child_organisations + [user.organisation]) }
attr_accessor :log_reassignment
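Review bot: `visible_to_user` dereferences `user` and `user.organisation` with no nil handling, so a nil user, or a non-support user without an organisation, raises NoMethodError instead of returning an empty result. The context lines in the first hunk show `belongs_to :organisation, optional: true`, so a nil organisation is at least representable. Any guard must return `none` explicitly, because a Rails scope whose body evaluates to nil falls back to `all`, which would widen the result rather than narrow it. The callers in users_controller#search and filters_helper pass `current_user` straight in, so they depend on authentication being enforced outside the lines shown. The User class body continues outside both hunks.

```ruby
# … unchanged: scope :visible, -> { where(discarded_at: nil) } …
scope :visible_to_user, lambda { |user|
  next none if user.nil?
  next visible if user.support?
  next none if user.organisation.nil?

  visible.where(organisation: user.organisation.child_organisations + [user.organisation])
}
```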
