Module: BoardOwnerControllerConcern

Extended by:: ActiveSupport::Concern

Included in:: Api::BoardsController, Api::PostsController, Api::ShareBoardController

Defined in:: app/controllers/concerns/board_owner_controller_concern.rb

Overview

Ensure user has access to the board and sets the ‘@board` variable in the controller

Instance Method Summary collapse

#ensure_board ⇒ Object

Ensure user has access to the board and sets the ‘@board` variable in the controller.
#ensure_board_owner ⇒ Object

Ensures user is owner of the board.
#has_board_access(board_id) ⇒ Object

Validate if user has access to board.

Instance Method Details

#ensure_board ⇒ `Object`

Ensure user has access to the board and sets the ‘@board` variable in the controller

# File 'app/controllers/concerns/board_owner_controller_concern.rb', line 6

def ensure_board
  board_id = params[:board_id] || params[:id]
  result = has_board_access(board_id)
  @board = result[:board]
  @user_board = result[:user_board]
  render json: {}, status: result[:status] if result[:status] != :ok
end

#ensure_board_owner ⇒ `Object`

Ensures user is owner of the board. Must be run after #ensure_board method.



34
35
36

# File 'app/controllers/concerns/board_owner_controller_concern.rb', line 34

def ensure_board_owner
  render json: {}, status: :forbidden if !@user_board.is_admin
end

#has_board_access(board_id) ⇒ `Object`

Validate if user has access to board

Parameters:

board_id (Integer) —

board id

# File 'app/controllers/concerns/board_owner_controller_concern.rb', line 17

def has_board_access(board_id)
board = nil
if !board_id.nil?
  board = Board.find_by_id(board_id)
else
  return {status: :bad_request}
end
if (board)
  user_board = UserBoard.where(user_id: @user.id, board_id: board_id).first
  return {status: :forbidden }if user_board.nil?
    return {status: :ok, board: board, user_board: user_board}
  else
    return {status: :not_found}
  end
end