Family sharing (#1272)

* Initial account sharing changes * Update schema.rb * Update schema.rb * Change sharing UI to modal * UX fixes and sharing controls * Scope include in finances better * Update totals.rb * Update totals.rb * Scope reports to finance account scope * Update impersonation_sessions_controller_test.rb * Review fixes * Update schema.rb * Update show.html.erb * FIX db validation * Refine edit permissions * Review items * Review * Review * Add application level helper * Critical review * Address remaining review items * Fix modals * more scoping * linter * small UI fix * Fix: Sync broadcasts push unscoped balance sheet to all users * Update sync_complete_event.rb The fix removes the sidebar broadcasts (which rendered unscoped account groups using family.balance_sheet without user context) along with the now-unused sidebar_targets, account_group, and family_balance_sheet private methods. The sidebar will still update correctly — when the sync completes, Family::SyncCompleteEvent#broadcast fires family.broadcast_refresh, which triggers a morph-based page refresh for each user with their own authenticated session, rendering properly scoped sidebar content.
2026-04-19 03:54:08 +00:00 · 2026-03-25 10:50:23 +01:00
parent 6cf7d20010
commit 560c9fbff3
75 changed files with 1520 additions and 401 deletions
--- a/app/controllers/concerns/accountable_resource.rb
+++ b/app/controllers/concerns/accountable_resource.rb
@@ -2,9 +2,10 @@ module AccountableResource
  extend ActiveSupport::Concern

  included do
-    include Periodable
+    include Periodable, StreamExtensions

-    before_action :set_account, only: [ :show, :edit, :update ]
+    before_action :set_account, only: [ :show ]
+    before_action :set_manageable_account, only: [ :edit, :update ]
    before_action :set_link_options, only: :new
  end

@@ -39,11 +40,14 @@ module AccountableResource
    rescue Date::Error
      nil
    end || (Time.zone.today - 2.years)
-    @account = Current.family.accounts.create_and_sync(
-      account_params.except(:return_to, :opening_balance_date),
-      opening_balance_date: opening_balance_date
-    )
-    @account.lock_saved_attributes!
+    Account.transaction do
+      @account = Current.family.accounts.create_and_sync(
+        account_params.except(:return_to, :opening_balance_date).merge(owner: Current.user),
+        opening_balance_date: opening_balance_date
+      )
+      @account.lock_saved_attributes!
+      @account.auto_share_with_family! if Current.family.share_all_by_default?
+    end

    redirect_to account_params[:return_to].presence || @account, notice: t("accounts.create.success", type: accountable_type.name.underscore.humanize)
  end
@@ -87,7 +91,19 @@ module AccountableResource
    end

    def set_account
-      @account = Current.family.accounts.find(params[:id])
+      @account = Current.user.accessible_accounts.find(params[:id])
+    end
+
+    def set_manageable_account
+      @account = Current.user.accessible_accounts.find(params[:id])
+      permission = @account.permission_for(Current.user)
+      unless permission.in?([ :owner, :full_control ])
+        respond_to do |format|
+          format.html { redirect_to account_path(@account), alert: t("accounts.not_authorized") }
+          format.turbo_stream { stream_redirect_to(account_path(@account), alert: t("accounts.not_authorized")) }
+        end
+        nil
+      end
    end

    def account_params
--- a/app/controllers/concerns/entryable_resource.rb
+++ b/app/controllers/concerns/entryable_resource.rb
@@ -5,13 +5,15 @@ module EntryableResource
    include StreamExtensions, ActionView::RecordIdentifier

    before_action :set_entry, only: %i[show update destroy]
+
+    helper_method :can_edit_entry?, :can_annotate_entry?
  end

  def show
  end

  def new
-    account = Current.family.accounts.find_by(id: params[:account_id])
+    account = accessible_accounts.find_by(id: params[:account_id])

    @entry = Current.family.entries.new(
      account: account,
@@ -29,11 +31,18 @@ module EntryableResource
  end

  def destroy
-    account = @entry.account
+    unless can_edit_entry?
+      respond_to do |format|
+        format.html { redirect_back_or_to account_path(@entry.account), alert: t("accounts.not_authorized") }
+        format.turbo_stream { stream_redirect_back_or_to(account_path(@entry.account), alert: t("accounts.not_authorized")) }
+      end
+      return
+    end
+
    @entry.destroy!
    @entry.sync_account_later

-    redirect_back_or_to account_path(account), notice: t("account.entries.destroy.success")
+    redirect_back_or_to account_path(@entry.account), notice: t("account.entries.destroy.success")
  end

  private
@@ -42,6 +51,21 @@ module EntryableResource
    end

    def set_entry
-      @entry = Current.family.entries.find(params[:id])
+      @entry = Current.family.entries
+                 .joins(:account)
+                 .merge(Account.accessible_by(Current.user))
+                 .find(params[:id])
+    end
+
+    def entry_permission
+      @entry_permission ||= @entry&.account&.permission_for(Current.user)
+    end
+
+    def can_edit_entry?
+      entry_permission.in?([ :owner, :full_control ])
+    end
+
+    def can_annotate_entry?
+      entry_permission.in?([ :owner, :full_control, :read_write ])
    end
 end