
Refactor user_allowed_action?

pull/1637/head
Kat 3 years ago
parent
commit
d38c8cedec
  1. 7
      app/controllers/locations_controller.rb
  2. 2
      app/controllers/schemes_controller.rb

7
app/controllers/locations_controller.rb

@ -4,7 +4,7 @@ class LocationsController < ApplicationController
before_action :authenticate_scope!
before_action :find_location, except: %i[create index]
before_action :find_scheme
before_action :authenticate_action!
before_action :authenticate_action!, only: %i[create update index new_deactivation deactivate_confirm deactivate postcode local_authority name units type_of_unit mobility_standards availability check_answers]
before_action :scheme_and_location_present, except: %i[create index]
include Modules::SearchFilter
@ -21,6 +21,7 @@ class LocationsController < ApplicationController
end
def postcode; end
def update; end
def update_postcode
@location.postcode = location_params[:postcode]
@ -225,13 +226,13 @@ private
end
def authenticate_action!
if %w[create update index new_deactivation deactivate_confirm deactivate postcode local_authority name units type_of_unit mobility_standards availability check_answers].include?(action_name) && !user_allowed_action?
unless user_allowed_action?
render_not_found and return
end
end
def user_allowed_action?
(current_user.organisation == @scheme&.owning_organisation) || (current_user.organisation.parent_organisations.any? { |org| org == @scheme&.owning_organisation }) || current_user.support?
current_user.support? || current_user.organisation == @scheme&.owning_organisation || current_user.organisation.parent_organisations.exists?(@scheme&.owning_organisation_id)
end
def location_params
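Review bot: The `only:` list on `before_action :authenticate_action!` is an allow-list of actions that receive the ownership check, so any action missing from it runs without `user_allowed_action?`. One such action is `update_postcode`, visible in the second hunk, which assigns `@location.postcode` from request params. If that method is routed and not otherwise restricted by `authenticate_scope!` or `find_scheme` (neither body is visible here), the write would not be covered by the organisation check. Consider inverting the filter to `before_action :authenticate_action!, except: %i[<actions that deliberately skip the check>]` so that newly added actions are checked by default, or at least add the `update_*` actions to the list. The controller class starts and ends outside these hunks, so other actions may be affected in the same way.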

2
app/controllers/schemes_controller.rb

@ -271,7 +271,7 @@ private
end
def user_allowed_action?
(current_user.organisation == @scheme&.owning_organisation) || (current_user.organisation.parent_organisations.any? { |org| org == @scheme&.owning_organisation }) || current_user.support?
current_user.support? || current_user.organisation == @scheme&.owning_organisation || current_user.organisation.parent_organisations.exists?(@scheme&.owning_organisation_id)
end
def redirect_if_scheme_confirmed
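Review bot: The rewritten `user_allowed_action?` still makes its decision against `nil` when `@scheme` is missing. `current_user.organisation == @scheme&.owning_organisation` becomes a comparison with `nil`, and the last clause becomes `exists?(nil)`, which denies only because ActiveRecord treats a falsy argument as no match. Assuming a non-support user should never pass without a scheme, an explicit guard would make the fail-closed behaviour visible: `return true if current_user.support?` followed by `return false unless @scheme`. The identical line is also added in app/controllers/locations_controller.rb, so keeping a single copy in a shared concern or on the user model would stop the two authorization rules drifting apart. The enclosing class starts and ends outside this hunk.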
