consul/grecia
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Valuators access to edit/valute on right phase

Browse Source 
When a valuator tries to edit/valuate an investment outside valuating
phase, an explanatory message will be shown along with a redirect to
prevent access.
This commit is contained in:
Bertocq
2018-03-12 20:22:50 +01:00
parent 5f5e9c4f26
commit 8fd6f8f1d6
4 changed files with 43 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
app/controllers/valuation/budget_investments_controller.rb
View File

@@ -5,6 +5,7 @@ class Valuation::BudgetInvestmentsController < Valuation::BaseController
feature_flag :budgets
before_action :restrict_access_to_assigned_items, only: [:show, :edit, :valuate]
before_action :restrict_access, only: [:edit, :valuate]
before_action :load_budget
before_action :load_investment, only: [:show, :edit, :valuate]
@@ -98,6 +99,12 @@ class Valuation::BudgetInvestmentsController < Valuation::BaseController
:duration, :valuation_finished)
end
def restrict_access
unless current_user.administrator? || current_budget.valuating?
raise CanCan::AccessDenied.new(I18n.t('valuation.budget_investments.not_in_valuating_phase'))
end
end
def restrict_access_to_assigned_items
return if current_user.administrator? ||
Budget::ValuatorAssignment.exists?(investment_id: params[:id],