QT/sure
1
0
Fork 0
mirror of https://github.com/we-promise/sure.git synced 2026-04-14 09:34:05 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
6d7ae0aa8a8bfbd3450df4c87dfb5dc30ff2b963
sure/app/models/account_share.rb
soky srm 560c9fbff3 Family sharing (#1272) 
* Initial account sharing changes

* Update schema.rb

* Update schema.rb

* Change sharing UI to modal

* UX fixes and sharing controls

* Scope include in finances better

* Update totals.rb

* Update totals.rb

* Scope reports to finance account scope

* Update impersonation_sessions_controller_test.rb

* Review fixes

* Update schema.rb

* Update show.html.erb

* FIX db validation

* Refine edit permissions

* Review items

* Review

* Review

* Add application level helper

* Critical review

* Address remaining review items

* Fix modals

* more scoping

* linter

* small UI fix

* Fix: Sync broadcasts push unscoped balance sheet to all users

* Update sync_complete_event.rb

 The fix removes the sidebar broadcasts (which rendered unscoped account groups using family.balance_sheet without user context)
  along with the now-unused sidebar_targets, account_group, and family_balance_sheet private methods.

  The sidebar will still update correctly — when the sync completes, Family::SyncCompleteEvent#broadcast fires family.broadcast_refresh, which triggers a
  morph-based page refresh for each user with their own authenticated session, rendering properly scoped sidebar content.
2026-03-25 10:50:23 +01:00

48 lines
1.0 KiB
Ruby
Raw Blame History

class AccountShare < ApplicationRecord
belongs_to :account
belongs_to :user
PERMISSIONS = %w[full_control read_write read_only].freeze
validates :permission, inclusion: { in: PERMISSIONS }
validates :user_id, uniqueness: { scope: :account_id }
validate :cannot_share_with_owner
validate :user_in_same_family
scope :with_permission, ->(permission) { where(permission: permission) }
def full_control?
permission == "full_control"
end
def read_write?
permission == "read_write"
end
def read_only?
permission == "read_only"
end
def can_annotate?
full_control? || read_write?
end
def can_edit?
full_control?
end
private
def cannot_share_with_owner
if account && user && account.owner_id == user_id
errors.add(:user, "is already the owner of this account")
end
end
def user_in_same_family
if account && user && user.family_id != account.family_id
errors.add(:user, "must be in the same family")
end
end
end
Reference in New Issue View Git Blame Copy Permalink