Skip to content

Commit

Permalink
Move permission check to top of controller
Browse files Browse the repository at this point in the history
  • Loading branch information
delonnewman committed Oct 11, 2024
1 parent 32b555a commit 7a6ecab
Showing 1 changed file with 12 additions and 16 deletions.
28 changes: 12 additions & 16 deletions app/controllers/replies_controller.rb
Original file line number Diff line number Diff line change
Expand Up @@ -7,15 +7,23 @@ class RepliesController < ApplicationController
forbid unless reply.can_edit_reply?(current_user)
end

before_action only: %i[update] do
forbid unless reply.can_update_reply?(current_user)
end

before_action only: %i[submit complete] do
forbid unless reply.can_complete_reply?(current_user)
end

before_action only: %i[preview] do
forbid unless survey.can_preview?(current_user)
end

def edit
tracker.view_submission_form(reply)
render :edit, locals: { reply: }
end

before_action only: %i[update] do
forbid unless reply.can_update_reply?(current_user)
end

def update
if reply.update(reply_params)
tracker.update_submission_form(reply)
Expand All @@ -25,10 +33,6 @@ def update
end
end

before_action only: %i[submit] do
forbid unless reply.can_complete_reply?(current_user)
end

def submit
if reply.submit(reply_params)
tracker.complete_submission_form(reply)
Expand All @@ -38,18 +42,10 @@ def submit
end
end

before_action only: %i[complete] do
forbid unless reply.can_complete_reply?(current_user)
end

def complete
render :success, locals: { reply: }
end

before_action only: %i[preview] do
forbid unless survey.can_preview?(current_user)
end

def preview
render :edit, locals: { reply: survey.replies.build }
end
Expand Down

0 comments on commit 7a6ecab

Please sign in to comment.