Contents

# frozen_string_literal: true

module Decidim
  module Admin
    # A Rails routes constraint to only allow access to an Organization admin to
    # the organization dashboard.
    class OrganizationDashboardConstraint
      # Initializes the contraint.
      #
      # request [Rack::Request]
      def initialize(request)
        @request = request
      end

      # Checks if the user can access the organization dashboard.
      #
      # Returns boolean.
      def matches?
        user && user.organization == organization && ability.can?(:read, :admin_dashboard)
      end

      private

      attr_reader :request

      def organization
        request.env["decidim.current_organization"]
      end

      def user
        return unless request.env["warden"].authenticate!(scope: :user)

        @user ||= request.env["warden"].user("user")
      end

      def ability
        Decidim::Admin::Abilities::Base.new(user, current_organization: organization)
      end
    end
  end
end

Version data entries

10 entries across 10 versions & 2 rubygems

Version	Path
decidim-admin-0.4.0	app/constraints/decidim/admin/organization_dashboard_constraint.rb
decidim-0.4.0	decidim-admin/app/constraints/decidim/admin/organization_dashboard_constraint.rb
decidim-admin-0.3.2	app/constraints/decidim/admin/organization_dashboard_constraint.rb
decidim-0.3.2	decidim-admin/app/constraints/decidim/admin/organization_dashboard_constraint.rb
decidim-admin-0.3.1	app/constraints/decidim/admin/organization_dashboard_constraint.rb
decidim-0.3.1	decidim-admin/app/constraints/decidim/admin/organization_dashboard_constraint.rb
decidim-admin-0.3.0	app/constraints/decidim/admin/organization_dashboard_constraint.rb
decidim-0.3.0	decidim-admin/app/constraints/decidim/admin/organization_dashboard_constraint.rb
decidim-admin-0.2.0	app/constraints/decidim/admin/organization_dashboard_constraint.rb
decidim-0.2.0	decidim-admin/app/constraints/decidim/admin/organization_dashboard_constraint.rb