# Base controller for the signed-in user area. Every action requires an
# authenticated user, and dossier access goes through an ownership check.
#
# NOTE(review): `current_user_dossier` and `authorized_routes?` are public.
# Rails treats public controller methods as candidate actions, so confirm that
# no route maps to them, or move them under `private`/`protected` if nothing
# outside the class hierarchy calls them with an explicit receiver.
class UsersController < ApplicationController
  before_action :authenticate_user!

  # There is no user listing; send the visitor to the root page.
  def index
    redirect_to root_path
  end

  # Loads the dossier the request refers to and checks that the signed-in
  # user may see it.
  #
  # The id is taken from the explicit argument, then `params[:dossier_id]`,
  # then `params[:id]`.
  #
  # @param dossier_id [Integer, String, nil] explicit id overriding the params
  # @return [Dossier] the dossier, once `owner_or_invite?` has accepted current_user
  # @raise [ActiveRecord::RecordNotFound] when `owner_or_invite?` rejects
  #   current_user (and, per standard ActiveRecord `find`, when the id is unknown)
  def current_user_dossier(dossier_id = nil)
    dossier_id ||= params[:dossier_id] || params[:id]
    found = Dossier.find(dossier_id)

    # An unauthorised user gets the same exception as a missing record, so the
    # response does not reveal whether the dossier id exists.
    raise ActiveRecord::RecordNotFound unless found.owner_or_invite?(current_user)

    found
  end

  # Asks UserRoutesAuthorizationService whether `controller` may be reached
  # for the current dossier, and redirects to the root page with an alert
  # when it may not.
  #
  # A RecordNotFound raised while resolving the dossier (unknown id, or a user
  # who is neither owner nor invite) is rescued here and turned into a
  # redirect with a generic "no access" alert.
  #
  # NOTE(review): presumably installed as a before_action by subclasses, where
  # the redirect halts the callback chain; a caller invoking it directly has
  # to check `performed?` itself. Confirm against callers.
  #
  # @param controller the value handed to the authorization service
  def authorized_routes?(controller)
    return if UserRoutesAuthorizationService.authorized_route?(controller, current_user_dossier)

    redirect_to_root_path 'Le statut de votre dossier n\'autorise pas cette URL'
  rescue ActiveRecord::RecordNotFound
    redirect_to_root_path 'Vous n’avez pas accès à ce dossier.'
  end

  private

  # Sets `message` as the flash alert and redirects to the root page.
  #
  # @param message [String] text shown to the user after the redirect
  def redirect_to_root_path(message)
    flash.alert = message
    redirect_to url_for(root_path)
  end
end