d18c627392
This rule was added in rubocop 1.79. We were inconsistent about it, so we're adding it to get more consistency.
47 lines
1.0 KiB
Ruby
47 lines
1.0 KiB
Ruby
class Management::SessionsController < ActionController::Base
|
|
include TenantVariants
|
|
include GlobalizeFallbacks
|
|
include AccessDeniedHandler
|
|
|
|
default_form_builder ConsulFormBuilder
|
|
|
|
def create
|
|
destroy_session
|
|
if admin? || manager? || authenticated_manager?
|
|
redirect_to management_root_path
|
|
else
|
|
raise CanCan::AccessDenied
|
|
end
|
|
end
|
|
|
|
def destroy
|
|
destroy_session
|
|
redirect_to root_path, notice: t("management.sessions.signed_out")
|
|
end
|
|
|
|
private
|
|
|
|
def destroy_session
|
|
session[:manager] = nil
|
|
session[:document_type] = nil
|
|
session[:document_number] = nil
|
|
end
|
|
|
|
def admin?
|
|
if current_user&.administrator?
|
|
session[:manager] = { login: "admin_user_#{current_user.id}" }
|
|
end
|
|
end
|
|
|
|
def manager?
|
|
if current_user&.manager?
|
|
session[:manager] = { login: "manager_user_#{current_user.id}" }
|
|
end
|
|
end
|
|
|
|
def authenticated_manager?
|
|
manager = ManagerAuthenticator.new(params).auth
|
|
session[:manager] = manager if manager.present?
|
|
end
|
|
end
|