Sha256: 178fc64b9f9ef204d6b3885f56007985eb5538a52ba7b3a8189dfbfabdbaad68

Contents?: true

Size: 949 Bytes

Versions: 4

Compression:

Stored size: 949 Bytes

Contents

# frozen_string_literal: true
module Decidim
  module Admin
    # A Rails routes constraint to only allow access to an Organization admin to
    # the organization dashboard.
    class OrganizationDashboardConstraint
      # Initializes the contraint.
      #
      # request [Rack::Request]
      def initialize(request)
        @request = request
      end

      # Checks if the user can access the organization dashboard.
      #
      # Returns boolean.
      def matches?
        user.organization == organization && ability.can?(:read, :admin_dashboard)
      end

      private

      attr_reader :request

      def organization
        request.env["decidim.current_organization"]
      end

      def user
        return unless request.env["warden"].authenticate!(scope: :user)

        @user ||= request.env["warden"].user("user")
      end

      def ability
        Decidim::Admin::Abilities::Base.new(user)
      end
    end
  end
end

Version data entries

4 entries across 4 versions & 2 rubygems

Version Path
decidim-admin-0.0.2 app/constraints/decidim/admin/organization_dashboard_constraint.rb
decidim-0.0.2 decidim-admin/app/constraints/decidim/admin/organization_dashboard_constraint.rb
decidim-admin-0.0.1 app/constraints/decidim/admin/organization_dashboard_constraint.rb
decidim-0.0.1 decidim-admin/app/constraints/decidim/admin/organization_dashboard_constraint.rb