demarches-normaliennes/app/controllers/users_controller.rb

class UsersController < ApplicationController
  before_action :authenticate_user!

  def index
    redirect_to root_path
  end

  def current_user_dossier dossier_id=nil
    dossier_id ||= params[:dossier_id] || params[:id]

    dossier = Dossier.find(dossier_id)

    return dossier if dossier.owner?(current_user.email) || dossier.invite_by_user?(current_user.email)

    raise ActiveRecord::RecordNotFound
  end

  def authorized_routes? controller
    redirect_to_root_path 'Le statut de votre dossier n\'autorise pas cette URL' unless UserRoutesAuthorizationService.authorized_route?(
      controller,
      current_user_dossier)
  rescue ActiveRecord::RecordNotFound
    redirect_to_root_path 'Vous n’avez pas accès à ce dossier.'
  end

  private

  def redirect_to_root_path message
    flash.alert = message
    redirect_to url_for root_path
  end
end
-												move controller into users folder
											
										
										
											2015-09-23 19:20:03 +02:00
+								class UsersController < ApplicationController
 								  before_action :authenticate_user!
-												add current_user_dossier function at UserController

											
										
										
											2015-10-09 16:26:39 +02:00
-												add routes path /users

											
										
										
											2016-02-01 18:18:55 +01:00
+								  def index
 								    redirect_to root_path
 								  end
-												add current_user_dossier function at UserController

											
										
										
											2015-10-09 16:26:39 +02:00
+								  def current_user_dossier dossier_id=nil
-												Add restriction on User's URL based on Dossier state

											
										
										
											2016-01-25 15:54:21 +01:00
+								    dossier_id ||= params[:dossier_id] || params[:id]
-												add current_user_dossier function at UserController

											
										
										
											2015-10-09 16:26:39 +02:00
-												User can invite other user to edit his dossier

											
										
										
											2016-09-14 16:36:01 +02:00
+								    dossier = Dossier.find(dossier_id)
 								    return dossier if dossier.owner?(current_user.email) || dossier.invite_by_user?(current_user.email)
 								    raise ActiveRecord::RecordNotFound
-												add current_user_dossier function at UserController

											
										
										
											2015-10-09 16:26:39 +02:00
+								  end
-												Add restriction on User's URL based on Dossier state

											
										
										
											2016-01-25 15:54:21 +01:00
-												Refactor Url restriction system

											
										
										
											2016-01-26 15:52:05 +01:00
+								  def authorized_routes? controller
-												[Fix #528] Fix a spelling mistake

											
										
										
											2017-07-04 12:05:11 +02:00
+								    redirect_to_root_path 'Le statut de votre dossier n\'autorise pas cette URL' unless UserRoutesAuthorizationService.authorized_route?(
-												Enable the Layout/AlignParameters cop
											
										
										
											2017-06-12 13:49:51 +02:00
+								      controller,
 								      current_user_dossier)
-												Add restriction on User's URL based on Dossier state

											
										
										
											2016-01-25 15:54:21 +01:00
+								  rescue ActiveRecord::RecordNotFound
 								    redirect_to_root_path 'Vous n’avez pas accès à ce dossier.'
 								  end
 								  private
 								  def redirect_to_root_path message
 								    flash.alert = message
 								    redirect_to url_for root_path
 								  end
-												Files should end with a new line

											
										
										
											2017-04-04 15:27:04 +02:00
+								end