Sha256: 178fc64b9f9ef204d6b3885f56007985eb5538a52ba7b3a8189dfbfabdbaad68
Contents?: true
Size: 949 Bytes
Versions: 4
Compression:
Stored size: 949 Bytes
Contents
# frozen_string_literal: true
module Decidim
module Admin
# A Rails routes constraint to only allow access to an Organization admin to
# the organization dashboard.
class OrganizationDashboardConstraint
# Initializes the contraint.
#
# request [Rack::Request]
def initialize(request)
@request = request
end
# Checks if the user can access the organization dashboard.
#
# Returns boolean.
def matches?
user.organization == organization && ability.can?(:read, :admin_dashboard)
end
private
attr_reader :request
def organization
request.env["decidim.current_organization"]
end
def user
return unless request.env["warden"].authenticate!(scope: :user)
@user ||= request.env["warden"].user("user")
end
def ability
Decidim::Admin::Abilities::Base.new(user)
end
end
end
end
Version data entries
4 entries across 4 versions & 2 rubygems