2017-06-29 14:18:12 +02:00
|
|
|
module NewUser
|
|
|
|
|
class DossiersController < UserController
|
|
|
|
|
before_action :ensure_ownership!
|
|
|
|
|
|
2017-06-29 14:18:59 +02:00
|
|
|
def attestation
|
|
|
|
|
send_data(dossier.attestation.pdf.read, filename: 'attestation.pdf', type: 'application/pdf')
|
|
|
|
|
end
|
|
|
|
|
|
2018-02-08 17:13:15 +01:00
|
|
|
def identite
|
|
|
|
|
@dossier = dossier
|
|
|
|
|
@user = current_user
|
|
|
|
|
end
|
|
|
|
|
|
2017-06-29 14:18:12 +02:00
|
|
|
private
|
|
|
|
|
|
|
|
|
|
def dossier
|
2018-02-08 17:13:15 +01:00
|
|
|
Dossier.find(params[:id] || params[:dossier_id])
|
2017-06-29 14:18:12 +02:00
|
|
|
end
|
|
|
|
|
|
|
|
|
|
def ensure_ownership!
|
|
|
|
|
if dossier.user != current_user
|
|
|
|
|
flash[:alert] = "Vous n'avez pas accès à ce dossier"
|
|
|
|
|
redirect_to root_path
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
end
|
