Module: Unsakini::BoardOwnerControllerConcern

Extended by:

ActiveSupport::Concern

Included in:

BoardsController, PostsController, ShareBoardController

Defined in:

app/controllers/concerns/unsakini/board_owner_controller_concern.rb

Overview

Ensure user has access to the board and sets the ‘@board` variable in the controller

Instance Method Summary

• #ensure_board ⇒ Object

  Ensure user has access to the board and sets the ‘@board` variable in the controller.

• #ensure_board_owner ⇒ Object

  Ensures user is owner of the board.

• #has_board_access(board_id) ⇒ Object

  Validate if user has access to board.

Instance Method Details

#ensure_board ⇒ Object

Ensure user has access to the board and sets the ‘@board` variable in the controller

# File 'app/controllers/concerns/unsakini/board_owner_controller_concern.rb', line 8

def ensure_board
  board_id = params[:board_id] || params[:id]
  result = has_board_access(board_id)
  @board = result[:board]
  @user_board = result[:user_board]
  head result[:status] if result[:status] != :ok
end

#ensure_board_owner ⇒ Object

Ensures user is owner of the board. Must be run after #ensure_board method.

# File 'app/controllers/concerns/unsakini/board_owner_controller_concern.rb', line 36

def ensure_board_owner
  render json: {}, status: :forbidden if !@user_board.is_admin
end

#has_board_access(board_id) ⇒ Object

Validate if user has access to board

Parameters:

• board_id (Integer) —

  board id

# File 'app/controllers/concerns/unsakini/board_owner_controller_concern.rb', line 19

def has_board_access(board_id)
  board = nil
  if !board_id.nil?
    board = Unsakini::Board.find_by_id(board_id)
  else
    return {status: :bad_request}
  end
  if (board)
    user_board = Unsakini::UserBoard.where(user_id: @user.id, board_id: board_id).first
    return {status: :forbidden } if user_board.nil?
    return {status: :ok, board: board, user_board: user_board}
  else
    return {status: :not_found}
  end
end