2015-03-12 15:08:48 +00:00
|
|
|
class Groups::ApplicationController < ApplicationController
|
2015-05-01 08:39:11 +00:00
|
|
|
layout 'group'
|
2016-03-20 20:03:53 +00:00
|
|
|
|
|
|
|
skip_before_action :authenticate_user!
|
2015-11-13 18:20:48 +00:00
|
|
|
before_action :group
|
2015-03-12 15:08:48 +00:00
|
|
|
|
|
|
|
private
|
2015-11-13 18:20:48 +00:00
|
|
|
|
|
|
|
def group
|
2016-03-20 20:03:53 +00:00
|
|
|
unless @group
|
|
|
|
id = params[:group_id] || params[:id]
|
|
|
|
@group = Group.find_by(path: id)
|
|
|
|
|
|
|
|
unless @group && can?(current_user, :read_group, @group)
|
|
|
|
@group = nil
|
2015-11-13 18:20:48 +00:00
|
|
|
|
2016-03-20 20:03:53 +00:00
|
|
|
if current_user.nil?
|
|
|
|
authenticate_user!
|
|
|
|
else
|
|
|
|
render_404
|
|
|
|
end
|
2015-03-13 15:27:51 +00:00
|
|
|
end
|
|
|
|
end
|
2016-03-20 20:03:53 +00:00
|
|
|
|
|
|
|
@group
|
|
|
|
end
|
|
|
|
|
|
|
|
def group_projects
|
|
|
|
@projects ||= GroupProjectsFinder.new(group).execute(current_user)
|
2015-03-13 15:27:51 +00:00
|
|
|
end
|
2015-11-13 18:20:48 +00:00
|
|
|
|
2015-03-12 15:08:48 +00:00
|
|
|
def authorize_admin_group!
|
2015-04-10 12:39:10 +00:00
|
|
|
unless can?(current_user, :admin_group, group)
|
2015-03-12 15:08:48 +00:00
|
|
|
return render_404
|
|
|
|
end
|
|
|
|
end
|
2015-11-13 18:20:48 +00:00
|
|
|
|
2015-07-31 12:15:49 +00:00
|
|
|
def authorize_admin_group_member!
|
|
|
|
unless can?(current_user, :admin_group_member, group)
|
|
|
|
return render_403
|
|
|
|
end
|
|
|
|
end
|
2015-03-12 15:08:48 +00:00
|
|
|
end
|