
Refactor user_allowed_action?

pull/1637/head
Kat 3 years ago
parent
commit
d38c8cedec
  1. 7
      app/controllers/locations_controller.rb
  2. 2
      app/controllers/schemes_controller.rb

7
app/controllers/locations_controller.rb

@ -4,7 +4,7 @@ class LocationsController < ApplicationController
before_action :authenticate_scope! before_action :authenticate_scope!
before_action :find_location, except: %i[create index] before_action :find_location, except: %i[create index]
before_action :find_scheme before_action :find_scheme
before_action :authenticate_action! before_action :authenticate_action!, only: %i[create update index new_deactivation deactivate_confirm deactivate postcode local_authority name units type_of_unit mobility_standards availability check_answers]
before_action :scheme_and_location_present, except: %i[create index] before_action :scheme_and_location_present, except: %i[create index]
include Modules::SearchFilter include Modules::SearchFilter
@ -21,6 +21,7 @@ class LocationsController < ApplicationController
end end
def postcode; end def postcode; end
def update; end
def update_postcode def update_postcode
@location.postcode = location_params[:postcode] @location.postcode = location_params[:postcode]
@ -225,13 +226,13 @@ private
end end
def authenticate_action! def authenticate_action!
if %w[create update index new_deactivation deactivate_confirm deactivate postcode local_authority name units type_of_unit mobility_standards availability check_answers].include?(action_name) && !user_allowed_action? unless user_allowed_action?
render_not_found and return render_not_found and return
end end
end end
def user_allowed_action? def user_allowed_action?
(current_user.organisation == @scheme&.owning_organisation) || (current_user.organisation.parent_organisations.any? { |org| org == @scheme&.owning_organisation }) || current_user.support? current_user.support? || current_user.organisation == @scheme&.owning_organisation || current_user.organisation.parent_organisations.exists?(@scheme&.owning_organisation_id)
end end
def location_params def location_params
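Review bot: The `only:` list on `before_action :authenticate_action!` is an allowlist of actions to check, so any action missing from it skips the organisation check in `user_allowed_action?`. `update_postcode`, visible in the second hunk, is not in the list. Whether `authenticate_scope!` or another filter already restricts it cannot be seen from these hunks, since the class body continues outside them. This appears to carry over the behaviour of the old inline `%w[...]` guard, but moving the list to the filter is a good moment to invert it. Consider an `except:` that names only the actions deliberately left open, so new actions are checked by default. At minimum add a comment above the filter such as `# Allowlist: actions not named here are NOT checked against the scheme's owning organisation`.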

2
app/controllers/schemes_controller.rb

@ -271,7 +271,7 @@ private
end end
def user_allowed_action? def user_allowed_action?
(current_user.organisation == @scheme&.owning_organisation) || (current_user.organisation.parent_organisations.any? { |org| org == @scheme&.owning_organisation }) || current_user.support? current_user.support? || current_user.organisation == @scheme&.owning_organisation || current_user.organisation.parent_organisations.exists?(@scheme&.owning_organisation_id)
end end
def redirect_if_scheme_confirmed def redirect_if_scheme_confirmed
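Review bot: `user_allowed_action?` here is identical to the copy in app/controllers/locations_controller.rb, so the rule for who may act on a scheme is defined twice and can drift if only one copy is edited later. Moving it into a shared concern would keep a single definition of the authorisation rule. A short comment above the method would also help, for example `# Allowed: support users, the owning organisation, or an organisation that has the owner as a parent`. When `@scheme` is nil the new `exists?` call receives nil, so a test pinning that a non-support user is denied on that path would be worth adding.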
