diff --git a/app/controllers/extranet/academic_years_controller.rb b/app/controllers/extranet/academic_years_controller.rb
index 8fe001a2b8684c27851afe89d915e84562c7a42d..27e47ab9872c88be80ae82cb71bbdd90457d1578 100644
--- a/app/controllers/extranet/academic_years_controller.rb
+++ b/app/controllers/extranet/academic_years_controller.rb
@@ -1,8 +1,4 @@
class Extranet::AcademicYearsController < Extranet::ApplicationController
- load_and_authorize_resource class: Education::AcademicYear,
- through: :about,
- through_association: :education_academic_years
-
def index
@academic_years = about&.education_academic_years
.ordered
@@ -13,6 +9,7 @@ class Extranet::AcademicYearsController < Extranet::ApplicationController
end
def show
+ @academic_year = about.education_academic_years.find(params[:id])
@cohorts = @academic_year.cohorts_in_context(current_context.about)
@alumni = @academic_year.alumni_in_context(current_context.about)
breadcrumb
diff --git a/app/controllers/extranet/application_controller.rb b/app/controllers/extranet/application_controller.rb
index 493ed64fbfd2e0b77ccbebd1dc7c5aae2c8085be..ae11faacb654039855cbe99d92ec4234e476851f 100644
--- a/app/controllers/extranet/application_controller.rb
+++ b/app/controllers/extranet/application_controller.rb
@@ -1,6 +1,8 @@
class Extranet::ApplicationController < ApplicationController
layout 'extranet/layouts/application'
+ before_action :authorize_extranet_access!
+
def breadcrumb
add_breadcrumb t('home'), root_path
end
@@ -8,4 +10,10 @@ class Extranet::ApplicationController < ApplicationController
def about
current_extranet.about || current_university
end
+
+ private
+
+ def authorize_extranet_access!
+ raise CanCan::AccessDenied if current_user.visitor? && about.alumni.find_by(id: current_user.person&.id).nil?
+ end
end
diff --git a/app/controllers/extranet/cohorts_controller.rb b/app/controllers/extranet/cohorts_controller.rb
index b249e48a3a5073f7da8537cedfa599240000ee24..f4174abc4abdcc75507744a2f336edc753680ae7 100644
--- a/app/controllers/extranet/cohorts_controller.rb
+++ b/app/controllers/extranet/cohorts_controller.rb
@@ -1,8 +1,4 @@
class Extranet::CohortsController < Extranet::ApplicationController
- load_and_authorize_resource class: Education::Cohort,
- through: :about,
- through_association: :education_cohorts
-
def index
@facets = Education::Cohort::Facets.new params[:facets], {
model: about.education_cohorts,
@@ -17,6 +13,7 @@ class Extranet::CohortsController < Extranet::ApplicationController
end
def show
+ @cohort = about.education_cohorts.find(params[:id])
breadcrumb
end
diff --git a/app/controllers/extranet/experiences_controller.rb b/app/controllers/extranet/experiences_controller.rb
index 72a2538afb050929412c0096de3896edf84c9227..e7c16fae0535e65fe4d3d255f4c1783e97f52c41 100644
--- a/app/controllers/extranet/experiences_controller.rb
+++ b/app/controllers/extranet/experiences_controller.rb
@@ -1,16 +1,16 @@
class Extranet::ExperiencesController < Extranet::ApplicationController
- load_and_authorize_resource class: University::Person::Experience,
- through: :current_user,
- through_association: :experiences
def new
+ @experience = current_user.experiences.new
breadcrumb
end
-
+
def edit
+ @experience = current_user.experiences.find(params[:id])
breadcrumb
end
def create
+ @experience = current_user.experiences.new(experience_params)
@experience.university = current_university
if @experience.save
redirect_to account_path, notice: 'Ok'
@@ -21,6 +21,7 @@ class Extranet::ExperiencesController < Extranet::ApplicationController
end
def update
+ @experience = current_user.experiences.find(params[:id])
if @experience.update experience_params
redirect_to account_path, notice: 'Ok'
else
diff --git a/app/controllers/extranet/organizations_controller.rb b/app/controllers/extranet/organizations_controller.rb
index ec718d441227937335a651247c3c12cdb6530ea3..0d0f30d6420538d3d27ff95a486d6e47c048ce6e 100644
--- a/app/controllers/extranet/organizations_controller.rb
+++ b/app/controllers/extranet/organizations_controller.rb
@@ -1,8 +1,4 @@
class Extranet::OrganizationsController < Extranet::ApplicationController
- load_and_authorize_resource class: University::Organization,
- through: :about,
- through_association: :university_person_alumni_organizations
-
def index
@facets = University::Organization::Facets.new params[:facets], {
model: about&.university_person_alumni_organizations,
@@ -17,6 +13,7 @@ class Extranet::OrganizationsController < Extranet::ApplicationController
end
def show
+ @organization = about.university_person_alumni_organizations.find(params[:id])
breadcrumb
end
diff --git a/app/controllers/extranet/persons_controller.rb b/app/controllers/extranet/persons_controller.rb
index b94f7ad997e2b7a976ee182f733482614aa2e3ed..73df7551cfe7721522c9cef5004de5afb9519a82 100644
--- a/app/controllers/extranet/persons_controller.rb
+++ b/app/controllers/extranet/persons_controller.rb
@@ -1,8 +1,4 @@
class Extranet::PersonsController < Extranet::ApplicationController
- load_and_authorize_resource class: University::Person::Alumnus,
- through: :about,
- through_association: :university_person_alumni
-
def index
@facets = University::Person::Alumnus::Facets.new params[:facets], {
model: about&.university_person_alumni,
@@ -17,6 +13,7 @@ class Extranet::PersonsController < Extranet::ApplicationController
end
def show
+ @person = about.university_person_alumni.find(params[:id])
breadcrumb
end
diff --git a/db/schema.rb b/db/schema.rb
index 5876144fc09cc72e8bd75c8c7df197b98fa4bcbc..e38bdcddeda981d4b87c74abee2504c8c7f6e833 100644
--- a/db/schema.rb
+++ b/db/schema.rb
@@ -44,7 +44,7 @@ ActiveRecord::Schema.define(version: 2022_10_17_142108) do
t.text "metadata"
t.string "service_name", null: false
t.bigint "byte_size", null: false
- t.string "checksum", null: false
+ t.string "checksum"
t.datetime "created_at", null: false
t.uuid "university_id"
t.index ["key"], name: "index_active_storage_blobs_on_key", unique: true