submit-social-housing-letti.../app/controllers/organisations_controller.rb

class OrganisationsController < ApplicationController
  before_action :authenticate_user!
  before_action :find_resource
  before_action :authenticate_scope!

  def show
    redirect_to details_organisation_path(@organisation)
  end

  def users
    if current_user.data_coordinator?
      render "users"
    else
      head :unauthorized
    end
  end

  def details
    render "show"
  end

  def edit
    if current_user.data_coordinator?
      render "edit", layout: "application"
    else
      head :unauthorized
    end
  end

  def update
    if current_user.data_coordinator?
      if @organisation.update(org_params)
        flash[:notice] = I18n.t("organisation.updated")
        redirect_to details_organisation_path(@organisation)
      end
    else
      head :unauthorized
    end
  end

private

  def org_params
    params.require(:organisation).permit(:name, :address_line1, :address_line2, :postcode, :phone)
  end

  def authenticate_scope!
    render_not_found if current_user.organisation != @organisation
  end

  def find_resource
    @organisation = Organisation.find(params[:id])
  end
end
CLDC-673: Organisation Page frontend (#122) * Add basic info read page * Header * Better org seed * Use gem component * Tabs * Users * Users is a table rather than a summary list * Table rows * User is trackable * Date format * View component init * Add pages and routes to render * Partials * Match the prototype design * Nested layout is nicer * Except of course they're not the same width * Add button with wrong link * Add user routes * Don't move account route for now * Add component test * Rubocop * Request spec * Test views * Add a feature spec for tab switching * Move styling methods into helper * PR suggestions * PR comments 3 years ago			`class OrganisationsController < ApplicationController`
			`before_action :authenticate_user!`
CLDC-769: Scope authentication to the correct resources (#143) * Scope auth for org pages * Scope user methods * Refactor form UI controller * More tests for access * Consistently return not found for scoped auth * Add ADR * Authenticate bulk uploads * Authenticate soft validations controller * Scope bulk upload to user's org for now * Pass through current user * Update docs/adr/adr-012-controller-http-return-statuses.md Co-authored-by: Dushan <47317567+dushan-madetech@users.noreply.github.com> * Update spec/requests/case_log_controller_spec.rb Co-authored-by: Dushan <47317567+dushan-madetech@users.noreply.github.com> Co-authored-by: Dushan <47317567+dushan-madetech@users.noreply.github.com> 3 years ago			`before_action :find_resource`
			`before_action :authenticate_scope!`
CLDC-673: Organisation Page frontend (#122) * Add basic info read page * Header * Better org seed * Use gem component * Tabs * Users * Users is a table rather than a summary list * Table rows * User is trackable * Date format * View component init * Add pages and routes to render * Partials * Match the prototype design * Nested layout is nicer * Except of course they're not the same width * Add button with wrong link * Add user routes * Don't move account route for now * Add component test * Rubocop * Request spec * Test views * Add a feature spec for tab switching * Move styling methods into helper * PR suggestions * PR comments 3 years ago
User roles (#138) * Users have roles * Add role to active admin * Add role to users table * Redirect organisation show to details * Remove users tab for data providers 3 years ago			`def show`
			`redirect_to details_organisation_path(@organisation)`
			`end`

CLDC-673: Organisation Page frontend (#122) * Add basic info read page * Header * Better org seed * Use gem component * Tabs * Users * Users is a table rather than a summary list * Table rows * User is trackable * Date format * View component init * Add pages and routes to render * Partials * Match the prototype design * Nested layout is nicer * Except of course they're not the same width * Add button with wrong link * Add user routes * Don't move account route for now * Add component test * Rubocop * Request spec * Test views * Add a feature spec for tab switching * Move styling methods into helper * PR suggestions * PR comments 3 years ago			`def users`
User roles (#138) * Users have roles * Add role to active admin * Add role to users table * Redirect organisation show to details * Remove users tab for data providers 3 years ago			`if current_user.data_coordinator?`
			`render "users"`
			`else`
			`head :unauthorized`
			`end`
			`end`

			`def details`
			`render "show"`
CLDC-673: Organisation Page frontend (#122) * Add basic info read page * Header * Better org seed * Use gem component * Tabs * Users * Users is a table rather than a summary list * Table rows * User is trackable * Date format * View component init * Add pages and routes to render * Partials * Match the prototype design * Nested layout is nicer * Except of course they're not the same width * Add button with wrong link * Add user routes * Don't move account route for now * Add component test * Rubocop * Request spec * Test views * Add a feature spec for tab switching * Move styling methods into helper * PR suggestions * PR comments 3 years ago			`end`

CLDC-730: Data Coordinators can edit org details (#150) * Data coordinators can edit some organisation details * Apply suggestions from code review PR tweaks Co-authored-by: Paul Robert Lloyd <paulrobertlloyd@users.noreply.github.com> * PR comments * Address line label * Apply suggestions from code review Co-authored-by: Paul Robert Lloyd <paulrobertlloyd@users.noreply.github.com> Co-authored-by: Paul Robert Lloyd <paulrobertlloyd@users.noreply.github.com> 3 years ago			`def edit`
			`if current_user.data_coordinator?`
			`render "edit", layout: "application"`
			`else`
			`head :unauthorized`
			`end`
			`end`

			`def update`
			`if current_user.data_coordinator?`
			`if @organisation.update(org_params)`
			`flash[:notice] = I18n.t("organisation.updated")`
			`redirect_to details_organisation_path(@organisation)`
			`end`
			`else`
			`head :unauthorized`
			`end`
			`end`

CLDC-673: Organisation Page frontend (#122) * Add basic info read page * Header * Better org seed * Use gem component * Tabs * Users * Users is a table rather than a summary list * Table rows * User is trackable * Date format * View component init * Add pages and routes to render * Partials * Match the prototype design * Nested layout is nicer * Except of course they're not the same width * Add button with wrong link * Add user routes * Don't move account route for now * Add component test * Rubocop * Request spec * Test views * Add a feature spec for tab switching * Move styling methods into helper * PR suggestions * PR comments 3 years ago			`private`

CLDC-730: Data Coordinators can edit org details (#150) * Data coordinators can edit some organisation details * Apply suggestions from code review PR tweaks Co-authored-by: Paul Robert Lloyd <paulrobertlloyd@users.noreply.github.com> * PR comments * Address line label * Apply suggestions from code review Co-authored-by: Paul Robert Lloyd <paulrobertlloyd@users.noreply.github.com> Co-authored-by: Paul Robert Lloyd <paulrobertlloyd@users.noreply.github.com> 3 years ago			`def org_params`
			`params.require(:organisation).permit(:name, :address_line1, :address_line2, :postcode, :phone)`
			`end`

CLDC-769: Scope authentication to the correct resources (#143) * Scope auth for org pages * Scope user methods * Refactor form UI controller * More tests for access * Consistently return not found for scoped auth * Add ADR * Authenticate bulk uploads * Authenticate soft validations controller * Scope bulk upload to user's org for now * Pass through current user * Update docs/adr/adr-012-controller-http-return-statuses.md Co-authored-by: Dushan <47317567+dushan-madetech@users.noreply.github.com> * Update spec/requests/case_log_controller_spec.rb Co-authored-by: Dushan <47317567+dushan-madetech@users.noreply.github.com> Co-authored-by: Dushan <47317567+dushan-madetech@users.noreply.github.com> 3 years ago			`def authenticate_scope!`
Check template is shown (#191) 3 years ago			`render_not_found if current_user.organisation != @organisation`
CLDC-769: Scope authentication to the correct resources (#143) * Scope auth for org pages * Scope user methods * Refactor form UI controller * More tests for access * Consistently return not found for scoped auth * Add ADR * Authenticate bulk uploads * Authenticate soft validations controller * Scope bulk upload to user's org for now * Pass through current user * Update docs/adr/adr-012-controller-http-return-statuses.md Co-authored-by: Dushan <47317567+dushan-madetech@users.noreply.github.com> * Update spec/requests/case_log_controller_spec.rb Co-authored-by: Dushan <47317567+dushan-madetech@users.noreply.github.com> Co-authored-by: Dushan <47317567+dushan-madetech@users.noreply.github.com> 3 years ago			`end`

			`def find_resource`
CLDC-673: Organisation Page frontend (#122) * Add basic info read page * Header * Better org seed * Use gem component * Tabs * Users * Users is a table rather than a summary list * Table rows * User is trackable * Date format * View component init * Add pages and routes to render * Partials * Match the prototype design * Nested layout is nicer * Except of course they're not the same width * Add button with wrong link * Add user routes * Don't move account route for now * Add component test * Rubocop * Request spec * Test views * Add a feature spec for tab switching * Move styling methods into helper * PR suggestions * PR comments 3 years ago			`@organisation = Organisation.find(params[:id])`
			`end`
			`end`