consul/nairobi
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

makes sure verifications only happen for signed in users when doing a letter verification

Browse Source
This commit is contained in:
kikito
2015-10-20 17:18:28 +02:00
parent 3ab579999e
commit 18db6482f9
2 changed files with 9 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
app/controllers/application_controller.rb
View File

@@ -52,7 +52,7 @@ class ApplicationController < ActionController::Base
end end
def verify_lock def verify_lock
if current_user.try(:locked?) if current_user.locked?
redirect_to account_path, alert: t('verification.alert.lock') redirect_to account_path, alert: t('verification.alert.lock')
end end
end end
@@ -97,13 +97,13 @@ class ApplicationController < ActionController::Base
end end
def verify_resident! def verify_resident!
if current_user && !current_user.residence_verified? unless current_user.residence_verified?
redirect_to new_residence_path, alert: t('verification.residence.alert.unconfirmed_residency') redirect_to new_residence_path, alert: t('verification.residence.alert.unconfirmed_residency')
end end
end end
def verify_verified! def verify_verified!
if current_user.try(:level_three_verified?) if current_user.level_three_verified?
redirect_to(account_path, notice: t('verification.redirect_notices.already_verified')) redirect_to(account_path, notice: t('verification.redirect_notices.already_verified'))
end end
end end

12
app/controllers/verification/letter_controller.rb
View File

@@ -2,10 +2,10 @@ class Verification::LetterController < ApplicationController
before_action :authenticate_user!, except: [:edit, :update] before_action :authenticate_user!, except: [:edit, :update]
before_action :login_via_form, only: :update before_action :login_via_form, only: :update
before_action :verify_resident!, except: :edit before_action :verify_resident!, except: :edit, if: :signed_in?
before_action :verify_phone!, except: :edit before_action :verify_phone!, except: :edit, if: :signed_in?
before_action :verify_verified!, except: :edit before_action :verify_verified!, except: :edit, if: :signed_in?
before_action :verify_lock, except: :edit before_action :verify_lock, except: :edit, if: :signed_in?
skip_authorization_check skip_authorization_check
@@ -44,13 +44,13 @@ class Verification::LetterController < ApplicationController
end end
def verify_phone! def verify_phone!
if current_user && !current_user.confirmed_phone? unless current_user.confirmed_phone?
redirect_to verified_user_path, alert: t('verification.letter.alert.unconfirmed_code') redirect_to verified_user_path, alert: t('verification.letter.alert.unconfirmed_code')
end end
end end
def login_via_form def login_via_form
user = User.find_by_email(letter_params[:email]) user = User.find_by email: letter_params[:email]
if user && user.valid_password?(letter_params[:password]) if user && user.valid_password?(letter_params[:password])
sign_in(user) sign_in(user)
end end