Limit access to archived conferences
This commit is contained in:
parent
89dd1890fd
commit
71e8ab74da
|
@ -8,7 +8,11 @@ module Management
|
||||||
private
|
private
|
||||||
|
|
||||||
def authorize_user!
|
def authorize_user!
|
||||||
head :forbidden unless current_user.admin?
|
if params[:conference_id] && params[:conference_id].to_i < Conference.last.id
|
||||||
|
head :forbidden unless current_user.admin? && current_user.owner?
|
||||||
|
else
|
||||||
|
head :forbidden unless current_user.admin?
|
||||||
|
end
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
|
@ -0,0 +1,5 @@
|
||||||
|
class AddOwnerFieldToUsers < ActiveRecord::Migration[7.1]
|
||||||
|
def change
|
||||||
|
add_column :users, :owner, :boolean, null: false, default: false
|
||||||
|
end
|
||||||
|
end
|
|
@ -11,4 +11,5 @@ User.create(
|
||||||
password_confirmation: "123qweASD",
|
password_confirmation: "123qweASD",
|
||||||
confirmed_at: Time.current,
|
confirmed_at: Time.current,
|
||||||
admin: true
|
admin: true
|
||||||
|
owner: true
|
||||||
)
|
)
|
||||||
|
|
File diff suppressed because it is too large
Load Diff
|
@ -11,6 +11,7 @@ FactoryBot.define do
|
||||||
|
|
||||||
factory :administrator do
|
factory :administrator do
|
||||||
admin { true }
|
admin { true }
|
||||||
|
owner { true }
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
Loading…
Reference in New Issue