QT/sure
1
0
Fork 0
mirror of https://github.com/we-promise/sure.git synced 2026-06-02 17:29:01 +00:00
Code Issues Packages Projects Releases Wiki Activity

Family sharing (#1272)

Browse Source 
* Initial account sharing changes

* Update schema.rb

* Update schema.rb

* Change sharing UI to modal

* UX fixes and sharing controls

* Scope include in finances better

* Update totals.rb

* Update totals.rb

* Scope reports to finance account scope

* Update impersonation_sessions_controller_test.rb

* Review fixes

* Update schema.rb

* Update show.html.erb

* FIX db validation

* Refine edit permissions

* Review items

* Review

* Review

* Add application level helper

* Critical review

* Address remaining review items

* Fix modals

* more scoping

* linter

* small UI fix

* Fix: Sync broadcasts push unscoped balance sheet to all users

* Update sync_complete_event.rb

 The fix removes the sidebar broadcasts (which rendered unscoped account groups using family.balance_sheet without user context)
  along with the now-unused sidebar_targets, account_group, and family_balance_sheet private methods.

  The sidebar will still update correctly — when the sync completes, Family::SyncCompleteEvent#broadcast fires family.broadcast_refresh, which triggers a
  morph-based page refresh for each user with their own authenticated session, rendering properly scoped sidebar content.
This commit is contained in:
soky srm
2026-03-25 10:50:23 +01:00
committed by GitHub
parent 6cf7d20010
commit 560c9fbff3
75 changed files with 1520 additions and 401 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
app/controllers/splits_controller.rb
View File

@@ -1,5 +1,6 @@
class SplitsController < ApplicationController
before_action :set_entry
before_action :require_split_write_permission!, only: %i[create update destroy]
def new
@categories = Current.family.categories.alphabetically
@@ -82,7 +83,14 @@ class SplitsController < ApplicationController
private
def set_entry
@entry = Current.family.entries.find(params[:transaction_id])
@entry = Current.accessible_entries.find(params[:transaction_id])
end
def require_split_write_permission!
permission = @entry.account.permission_for(Current.user)
unless permission.in?([ :owner, :full_control ])
redirect_back_or_to transactions_path, alert: t("accounts.not_authorized")
end
end
def resolve_to_parent!