32 lines
866 B
Ruby
32 lines
866 B
Ruby
class UsersController < ApplicationController
|
||
before_action :authenticate_user!
|
||
|
||
def index
|
||
redirect_to root_path
|
||
end
|
||
|
||
def current_user_dossier dossier_id=nil
|
||
dossier_id ||= params[:dossier_id] || params[:id]
|
||
|
||
dossier = Dossier.find(dossier_id)
|
||
|
||
return dossier if dossier.owner?(current_user.email) || dossier.invite_by_user?(current_user.email)
|
||
|
||
raise ActiveRecord::RecordNotFound
|
||
end
|
||
|
||
def authorized_routes? controller
|
||
redirect_to_root_path 'Le status de votre dossier n\'autorise pas cette URL' unless UserRoutesAuthorizationService.authorized_route?(
|
||
controller,
|
||
current_user_dossier)
|
||
rescue ActiveRecord::RecordNotFound
|
||
redirect_to_root_path 'Vous n’avez pas accès à ce dossier.'
|
||
end
|
||
|
||
private
|
||
|
||
def redirect_to_root_path message
|
||
flash.alert = message
|
||
redirect_to url_for root_path
|
||
end
|
||
end
|