Sha256: 8d4d00743e84cb6497a272278400ef548d300d8c634c8debe3e356b729c68cf1

Contents?: true

Size: 1.26 KB

Versions: 4

Compression:

Stored size: 1.26 KB

Contents

module Unsakini
  #Ensure user has access to the board and sets the `@board` variable in the controller

  module BoardOwnerControllerConcern
    extend ActiveSupport::Concern

    #Ensure user has access to the board and sets the `@board` variable in the controller
    def ensure_board
      board_id = params[:board_id] || params[:id]
      result = has_board_access(board_id)
      @board = result[:board]
      @user_board = result[:user_board]
      head result[:status] if result[:status] != :ok
    end

    # Validate if user has access to board
    #
    # @param board_id [Integer] board id
    def has_board_access(board_id)
      board = nil
      if !board_id.nil?
        board = Unsakini::Board.find_by_id(board_id)
      else
        return {status: :bad_request}
      end
      if (board)
        user_board = Unsakini::UserBoard.where(user_id: @user.id, board_id: board_id).first
        return {status: :forbidden } if user_board.nil?
        return {status: :ok, board: board, user_board: user_board}
      else
        return {status: :not_found}
      end
    end

    #Ensures user is owner of the board. Must be run after {#ensure_board} method.
    def ensure_board_owner
      render json: {}, status: :forbidden if !@user_board.is_admin
    end

  end

end

Version data entries

4 entries across 4 versions & 1 rubygems

Version Path
unsakini-0.0.5 app/controllers/concerns/unsakini/board_owner_controller_concern.rb
unsakini-0.0.5.pre.1 app/controllers/concerns/unsakini/board_owner_controller_concern.rb
unsakini-0.0.4.pre.1 app/controllers/concerns/unsakini/board_owner_controller_concern.rb
unsakini-0.0.4.3 app/controllers/concerns/unsakini/board_owner_controller_concern.rb