decidim-admin 0.11.2 → 0.12.0.pre


Potentially problematic release.


This version of decidim-admin might be problematic. Click here for more details.

Files changed (116) hide show
  1. checksums.yaml +4 -4
  2. data/app/assets/javascripts/decidim/admin/application.js.es6 +5 -1
  3. data/app/assets/javascripts/decidim/admin/bundle.js +47 -0
  4. data/app/assets/javascripts/decidim/admin/bundle.js.map +1 -0
  5. data/app/assets/javascripts/decidim/admin/component_permissions.js.es6 +13 -0
  6. data/app/assets/javascripts/decidim/admin/managed_users.js.es6 +2 -1
  7. data/app/assets/javascripts/decidim/admin/subform_toggler.component.js.es6 +14 -7
  8. data/app/assets/stylesheets/decidim/admin/_decidim.scss +2 -0
  9. data/app/assets/stylesheets/decidim/admin/bundle.scss +1 -0
  10. data/app/assets/stylesheets/decidim/admin/components/_autocomplete_select.component.scss +13 -0
  11. data/app/assets/stylesheets/decidim/admin/modules/_secondary-nav.scss +3 -2
  12. data/app/assets/stylesheets/decidim/admin/modules/_table-list.scss +7 -0
  13. data/app/commands/decidim/admin/create_static_page.rb +7 -1
  14. data/app/commands/decidim/admin/update_component_permissions.rb +9 -3
  15. data/app/commands/decidim/admin/update_organization_tos_version.rb +47 -0
  16. data/app/commands/decidim/admin/update_static_page.rb +5 -0
  17. data/app/constraints/decidim/admin/organization_dashboard_constraint.rb +6 -3
  18. data/app/controllers/concerns/decidim/admin/participatory_space_admin_context.rb +2 -2
  19. data/app/controllers/decidim/admin/application_controller.rb +14 -5
  20. data/app/controllers/decidim/admin/area_types_controller.rb +6 -6
  21. data/app/controllers/decidim/admin/areas_controller.rb +6 -6
  22. data/app/controllers/decidim/admin/authorization_workflows_controller.rb +1 -1
  23. data/app/controllers/decidim/admin/categories_controller.rb +7 -7
  24. data/app/controllers/decidim/admin/component_permissions_controller.rb +20 -8
  25. data/app/controllers/decidim/admin/components/base_controller.rb +19 -3
  26. data/app/controllers/decidim/admin/components_controller.rb +8 -8
  27. data/app/controllers/decidim/admin/concerns/has_attachment_collections.rb +8 -8
  28. data/app/controllers/decidim/admin/concerns/has_attachments.rb +11 -9
  29. data/app/controllers/decidim/admin/concerns/has_private_users.rb +5 -5
  30. data/app/controllers/decidim/admin/dashboard_controller.rb +4 -2
  31. data/app/controllers/decidim/admin/exports_controller.rb +1 -1
  32. data/app/controllers/decidim/admin/impersonatable_users_controller.rb +7 -1
  33. data/app/controllers/decidim/admin/impersonations_controller.rb +2 -4
  34. data/app/controllers/decidim/admin/logs_controller.rb +4 -2
  35. data/app/controllers/decidim/admin/managed_users/impersonation_logs_controller.rb +0 -2
  36. data/app/controllers/decidim/admin/managed_users/promotions_controller.rb +2 -2
  37. data/app/controllers/decidim/admin/moderations_controller.rb +4 -4
  38. data/app/controllers/decidim/admin/newsletters_controller.rb +9 -9
  39. data/app/controllers/decidim/admin/oauth_applications_controller.rb +7 -7
  40. data/app/controllers/decidim/admin/officializations_controller.rb +4 -5
  41. data/app/controllers/decidim/admin/organization_appearance_controller.rb +2 -2
  42. data/app/controllers/decidim/admin/organization_controller.rb +21 -2
  43. data/app/controllers/decidim/admin/scope_types_controller.rb +6 -6
  44. data/app/controllers/decidim/admin/scopes_controller.rb +7 -7
  45. data/app/controllers/decidim/admin/static_pages_controller.rb +16 -7
  46. data/app/controllers/decidim/admin/user_groups_controller.rb +3 -3
  47. data/app/controllers/decidim/admin/users_controller.rb +5 -5
  48. data/app/forms/decidim/admin/managed_user_promotion_form.rb +1 -1
  49. data/app/forms/decidim/admin/permission_form.rb +12 -15
  50. data/app/forms/decidim/admin/static_page_form.rb +1 -0
  51. data/app/frontend/components/autocomplete.component.test.tsx +19 -0
  52. data/app/frontend/components/autocomplete.component.tsx +169 -0
  53. data/app/frontend/entry.ts +17 -0
  54. data/app/frontend/entry_test.ts +4 -0
  55. data/app/helpers/decidim/admin/application_helper.rb +0 -4
  56. data/app/permissions/decidim/admin/permissions.rb +161 -0
  57. data/app/permissions/decidim/admin/user_manager_permissions.rb +66 -0
  58. data/app/views/decidim/admin/area_types/index.html.erb +8 -4
  59. data/app/views/decidim/admin/areas/index.html.erb +6 -3
  60. data/app/views/decidim/admin/attachment_collections/index.html.erb +3 -3
  61. data/app/views/decidim/admin/attachment_collections/show.html.erb +2 -2
  62. data/app/views/decidim/admin/attachments/index.html.erb +3 -3
  63. data/app/views/decidim/admin/attachments/show.html.erb +2 -2
  64. data/app/views/decidim/admin/categories/index.html.erb +5 -5
  65. data/app/views/decidim/admin/categories/show.html.erb +2 -2
  66. data/app/views/decidim/admin/component_permissions/_options_form.html.erb +14 -0
  67. data/app/views/decidim/admin/component_permissions/edit.html.erb +37 -16
  68. data/app/views/decidim/admin/components/_component.html.erb +6 -4
  69. data/app/views/decidim/admin/components/_form.html.erb +6 -6
  70. data/app/views/decidim/admin/dashboard/show.html.erb +1 -1
  71. data/app/views/decidim/admin/impersonatable_users/index.html.erb +5 -3
  72. data/app/views/decidim/admin/moderations/index.html.erb +2 -2
  73. data/app/views/decidim/admin/newsletters/index.html.erb +5 -3
  74. data/app/views/decidim/admin/newsletters/show.html.erb +1 -1
  75. data/app/views/decidim/admin/oauth_applications/index.html.erb +5 -3
  76. data/app/views/decidim/admin/participatory_space_private_users/index.html.erb +3 -3
  77. data/app/views/decidim/admin/scope_types/index.html.erb +5 -3
  78. data/app/views/decidim/admin/scopes/index.html.erb +4 -4
  79. data/app/views/decidim/admin/static_pages/_form.html.erb +3 -1
  80. data/app/views/decidim/admin/static_pages/_form_notable_changes.html.erb +9 -0
  81. data/app/views/decidim/admin/static_pages/index.html.erb +11 -3
  82. data/app/views/decidim/admin/static_pages/show.html.erb +2 -2
  83. data/app/views/decidim/admin/user_groups/index.html.erb +2 -2
  84. data/app/views/decidim/admin/users/index.html.erb +5 -3
  85. data/app/views/layouts/decidim/admin/_application.html.erb +0 -1
  86. data/app/views/layouts/decidim/admin/_template_top.html.erb +1 -0
  87. data/app/views/layouts/decidim/admin/users.html.erb +4 -4
  88. data/config/locales/ca.yml +8 -0
  89. data/config/locales/en.yml +8 -0
  90. data/config/locales/es.yml +8 -0
  91. data/config/locales/eu.yml +8 -0
  92. data/config/locales/fi.yml +8 -0
  93. data/config/locales/fr.yml +8 -0
  94. data/config/locales/gl.yml +8 -0
  95. data/config/locales/it.yml +8 -0
  96. data/config/locales/nl.yml +8 -0
  97. data/config/locales/pl.yml +8 -0
  98. data/config/locales/pt-BR.yml +8 -0
  99. data/config/locales/pt.yml +8 -0
  100. data/config/locales/ru.yml +11 -3
  101. data/config/locales/sv.yml +8 -0
  102. data/config/locales/uk.yml +8 -0
  103. data/config/routes.rb +5 -1
  104. data/lib/decidim/admin.rb +1 -0
  105. data/lib/decidim/admin/engine.rb +17 -20
  106. data/lib/decidim/admin/form_builder.rb +64 -0
  107. data/lib/decidim/admin/test/manage_component_permissions_examples.rb +92 -15
  108. data/lib/decidim/admin/version.rb +1 -1
  109. metadata +25 -17
  110. data/app/models/decidim/admin/abilities/admin_ability.rb +0 -76
  111. data/app/models/decidim/admin/abilities/base_ability.rb +0 -21
  112. data/app/models/decidim/admin/abilities/participatory_process_admin_ability.rb +0 -58
  113. data/app/models/decidim/admin/abilities/participatory_process_collaborator_ability.rb +0 -19
  114. data/app/models/decidim/admin/abilities/participatory_process_moderator_ability.rb +0 -23
  115. data/app/models/decidim/admin/abilities/user_manager_ability.rb +0 -34
  116. data/app/models/decidim/admin/application_record.rb +0 -11
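--- a/data/app/controllers/decidim/admin/areas_controller.rb
+++ b/data/app/controllers/decidim/admin/areas_controller.rb
@@ -9,17 +9,17 @@ module Decidim
  helper_method :area, :organization_areas
 
  def index
- authorize! :index, Area
+ enforce_permission_to :read, :area
  @areas = organization_areas
  end
 
  def new
- authorize! :new, Area
+ enforce_permission_to :create, :area
  @form = form(AreaForm).instance
  end
 
  def create
- authorize! :new, Area
+ enforce_permission_to :create, :area
  @form = form(AreaForm).from_params(params)
  CreateArea.call(@form) do
  on(:ok) do
@@ -35,12 +35,12 @@ module Decidim
  end
 
  def edit
- authorize! :update, area
+ enforce_permission_to :update, :area, area: area
  @form = form(AreaForm).from_model(area)
  end
 
  def update
- authorize! :update, area
+ enforce_permission_to :update, :area, area: area
  @form = form(AreaForm).from_params(params)
 
  UpdateArea.call(area, @form) do
@@ -57,7 +57,7 @@ module Decidim
  end
 
  def destroy
- authorize! :destroy, area
+ enforce_permission_to :destroy, :area, area: area
 
  DestroyArea.call(area, current_user) do
  on(:ok) do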
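--- a/data/app/controllers/decidim/admin/authorization_workflows_controller.rb
+++ b/data/app/controllers/decidim/admin/authorization_workflows_controller.rb
@@ -6,7 +6,7 @@ module Decidim
  layout "decidim/admin/users"
 
  def index
- authorize! :index, :authorization_workflows
+ enforce_permission_to :index, :authorization_workflows
 
  @workflows = Decidim::Verifications.admin_workflows
  end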
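--- a/data/app/controllers/decidim/admin/categories_controller.rb
+++ b/data/app/controllers/decidim/admin/categories_controller.rb
@@ -9,16 +9,16 @@ module Decidim
  participatory_space_admin_layout
 
  def index
- authorize! :read, Decidim::Category
+ enforce_permission_to :read, :category
  end
 
  def new
- authorize! :create, Decidim::Category
+ enforce_permission_to :create, :category
  @form = form(CategoryForm).from_params({}, current_participatory_space: current_participatory_space)
  end
 
  def create
- authorize! :create, Decidim::Category
+ enforce_permission_to :create, :category
  @form = form(CategoryForm).from_params(params, current_participatory_space: current_participatory_space)
 
  CreateCategory.call(@form, current_participatory_space) do
@@ -36,13 +36,13 @@ module Decidim
 
  def edit
  @category = collection.find(params[:id])
- authorize! :update, @category
+ enforce_permission_to :update, :category, category: @category
  @form = form(CategoryForm).from_model(@category, current_participatory_space: current_participatory_space)
  end
 
  def update
  @category = collection.find(params[:id])
- authorize! :update, @category
+ enforce_permission_to :update, :category, category: @category
  @form = form(CategoryForm).from_params(params, current_participatory_space: current_participatory_space)
 
  UpdateCategory.call(@category, @form) do
@@ -60,12 +60,12 @@ module Decidim
 
  def show
  @category = collection.find(params[:id])
- authorize! :read, @category
+ enforce_permission_to :read, :category, category: @category
  end
 
  def destroy
  @category = collection.find(params[:id])
- authorize! :destroy, @category
+ enforce_permission_to :destroy, :category, category: @category
 
  DestroyCategory.call(@category) do
  on(:ok) do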
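--- a/data/app/controllers/decidim/admin/component_permissions_controller.rb
+++ b/data/app/controllers/decidim/admin/component_permissions_controller.rb
@@ -5,17 +5,17 @@ module Decidim
  # Controller that allows managing component permissions.
  #
  class ComponentPermissionsController < Decidim::Admin::ApplicationController
- helper_method :authorizations, :component
+ helper_method :authorizations, :other_authorizations_for, :component
 
  def edit
- authorize! :update, component
+ enforce_permission_to :update, :component, component: component
  @permissions_form = PermissionsForm.new(
  permissions: permission_forms
  )
  end
 
  def update
- authorize! :update, component
+ enforce_permission_to :update, :component, component: component
  @permissions_form = PermissionsForm.from_params(params)
 
  UpdateComponentPermissions.call(@permissions_form, component) do
@@ -33,12 +33,10 @@ module Decidim
  private
 
  def permission_forms
- permissions = component.permissions || {}
-
- @permission_forms ||= component.manifest.actions.inject({}) do |result, action|
+ component.manifest.actions.inject({}) do |result, action|
  form = PermissionForm.new(
- authorization_handler_name: permissions.dig(action, "authorization_handler_name"),
- options: permissions.dig(action, "options").try(:to_json)
+ authorization_handler_name: authorization_for(action),
+ options: permissions.dig(action, "options")
  )
 
  result.update(action => form)
@@ -51,9 +49,23 @@ module Decidim
  )
  end
 
+ def other_authorizations_for(action)
+ Verifications::Adapter.from_collection(
+ current_organization.available_authorizations - [authorization_for(action)]
+ )
+ end
+
  def component
  @component ||= current_participatory_space.components.find(params[:component_id])
  end
+
+ def permissions
+ @permissions ||= component.permissions || {}
+ end
+
+ def authorization_for(action)
+ permissions.dig(action, "authorization_handler_name")
+ end
  end
  end
  end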
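Review bot: `permission_forms` loses its `@permission_forms ||=` memoization here, so every call builds a fresh `PermissionForm` per manifest action; only `edit` calls it in the visible lines, so this looks harmless today, but it deserves either the cache back or a comment saying the rebuild is intended. The three new private helpers are undocumented even though `other_authorizations_for` is exported to the views through `helper_method`; I would put `# Adapters for every authorization available to the organization except the handler already selected for +action+.` above it. `authorization_for(action)` returns nil when nothing is stored for the action, in which case `- [nil]` removes nothing and the full list is returned, which is worth stating in that comment too.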
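--- a/data/app/controllers/decidim/admin/components/base_controller.rb
+++ b/data/app/controllers/decidim/admin/components/base_controller.rb
@@ -6,10 +6,10 @@ module Decidim
  # This controller is the abstract class from which all component
  # controllers in their admin engines should inherit from.
  class BaseController < Admin::ApplicationController
- skip_authorize_resource
  include Settings
 
  include Decidim::Admin::ParticipatorySpaceAdminContext
+ include Decidim::NeedsPermission
  participatory_space_admin_layout
 
  helper Decidim::ResourceHelper
@@ -21,11 +21,27 @@ module Decidim
  :parent_path
 
  before_action except: [:index, :show] do
- authorize! :manage, current_component
+ enforce_permission_to :manage, :component, component: current_component
  end
 
  before_action on: [:index, :show] do
- authorize! :read, current_component
+ enforce_permission_to :read, :component, component: current_component
+ end
+
+ def permissions_context
+ super.merge(participatory_space: current_participatory_space)
+ end
+
+ def permission_class_chain
+ [
+ current_component.manifest.permissions_class,
+ current_participatory_space.manifest.permissions_class,
+ Decidim::Admin::Permissions
+ ]
+ end
+
+ def permission_scope
+ :admin
  end
 
  def current_component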
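Review bot: `permissions_context`, `permission_class_chain` and `permission_scope` are added as public methods in the controller body, with no `private` visible above them in this hunk; Rails counts public controller methods as action methods, so I would move the three below a `private` marker. Separately, the second filter is declared as `before_action on: [:index, :show]`; `on:` is not one of the `only:`/`except:` filter options, so as far as I can tell the `:read` check runs for every action rather than only those two. That errs on the safe side, but `before_action only: [:index, :show] do` would say what is meant. `permission_class_chain` also assumes both manifests define `permissions_class`; how a nil entry is treated depends on `Decidim::NeedsPermission`, which is not shown on this page, and the class body continues past the hunk.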
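--- a/data/app/controllers/decidim/admin/components_controller.rb
+++ b/data/app/controllers/decidim/admin/components_controller.rb
@@ -9,13 +9,13 @@ module Decidim
  helper_method :manifest, :current_participatory_space
 
  def index
- authorize! :read, Component
+ enforce_permission_to :read, :component
  @manifests = Decidim.component_manifests
  @components = current_participatory_space.components
  end
 
  def new
- authorize! :create, Component
+ enforce_permission_to :create, :component
 
  @component = Component.new(
  name: default_name(manifest),
@@ -28,7 +28,7 @@ module Decidim
 
  def create
  @form = form(ComponentForm).from_params(params)
- authorize! :create, Component
+ enforce_permission_to :create, :component
 
  CreateComponent.call(manifest, @form, current_participatory_space) do
  on(:ok) do
@@ -45,7 +45,7 @@ module Decidim
 
  def edit
  @component = query_scope.find(params[:id])
- authorize! :update, @component
+ enforce_permission_to :update, :component, component: @component
 
  @form = form(ComponentForm).from_model(@component)
  end
@@ -53,7 +53,7 @@ module Decidim
  def update
  @component = query_scope.find(params[:id])
  @form = form(ComponentForm).from_params(params)
- authorize! :update, @component
+ enforce_permission_to :update, :component, component: @component
 
  UpdateComponent.call(@form, @component) do
  on(:ok) do |settings_changed, previous_settings, current_settings|
@@ -72,7 +72,7 @@ module Decidim
 
  def destroy
  @component = query_scope.find(params[:id])
- authorize! :destroy, @component
+ enforce_permission_to :destroy, :component, component: @component
 
  DestroyComponent.call(@component, current_user) do
  on(:ok) do
@@ -89,7 +89,7 @@ module Decidim
 
  def publish
  @component = query_scope.find(params[:id])
- authorize! :update, @component
+ enforce_permission_to :publish, :component, component: @component
 
  PublishComponent.call(@component, current_user) do
  on(:ok) do
@@ -101,7 +101,7 @@ module Decidim
 
  def unpublish
  @component = query_scope.find(params[:id])
- authorize! :update, @component
+ enforce_permission_to :unpublish, :component, component: @component
 
  UnpublishComponent.call(@component, current_user) do
  on(:ok) do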
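Review bot: In `create` and `update` the `ComponentForm` is still built from `params` before `enforce_permission_to` runs, so request input is parsed for callers who may then be refused. The check needs only the action (and `@component` in `update`), so it can go first; in `create` that is `enforce_permission_to :create, :component` followed by `@form = form(ComponentForm).from_params(params)`. `publish` and `unpublish` now ask for the new `:publish` and `:unpublish` actions instead of `:update`, so every permissions class in the chain has to recognise them or roles that could update before will be refused; those classes are not shown on this page, so this needs confirming there.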
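--- a/data/app/controllers/decidim/admin/concerns/has_attachment_collections.rb
+++ b/data/app/controllers/decidim/admin/concerns/has_attachment_collections.rb
@@ -13,22 +13,22 @@ module Decidim
  extend ActiveSupport::Concern
 
  included do
- helper_method :collection_for, :authorization_object
+ helper_method :collection_for, :attachment_collection
 
  def index
- authorize! :read, authorization_object
+ enforce_permission_to :read, :attachment_collection
 
  render template: "decidim/admin/attachment_collections/index"
  end
 
  def new
- authorize! :create, authorization_object
+ enforce_permission_to :create, :attachment_collection
  @form = form(AttachmentCollectionForm).from_params({}, collection_for: collection_for)
  render template: "decidim/admin/attachment_collections/new"
  end
 
  def create
- authorize! :create, authorization_object
+ enforce_permission_to :create, :attachment_collection
  @form = form(AttachmentCollectionForm).from_params(params, collection_for: collection_for)
 
  CreateAttachmentCollection.call(@form, collection_for) do
@@ -46,14 +46,14 @@ module Decidim
 
  def edit
  @attachment_collection = collection.find(params[:id])
- authorize! :update, authorization_object
+ enforce_permission_to :update, :attachment_collection, attachment_collection: @attachment_collection
  @form = form(AttachmentCollectionForm).from_model(@attachment_collection, collection_for: collection_for)
  render template: "decidim/admin/attachment_collections/edit"
  end
 
  def update
  @attachment_collection = collection.find(params[:id])
- authorize! :update, authorization_object
+ enforce_permission_to :update, :attachment_collection, attachment_collection: @attachment_collection
  @form = form(AttachmentCollectionForm).from_params(params, collection_for: collection_for)
 
  UpdateAttachmentCollection.call(@attachment_collection, @form) do
@@ -71,13 +71,13 @@ module Decidim
 
  def show
  @attachment_collection = collection.find(params[:id])
- authorize! :read, authorization_object
+ enforce_permission_to :read, :attachment_collection, attachment_collection: @attachment_collection
  render template: "decidim/admin/attachment_collections/show"
  end
 
  def destroy
  @attachment_collection = collection.find(params[:id])
- authorize! :destroy, authorization_object
+ enforce_permission_to :destroy, :attachment_collection, attachment_collection: @attachment_collection
  @attachment_collection.destroy!
 
  flash[:notice] = I18n.t("attachment_collections.destroy.success", scope: "decidim.admin")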
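Review bot: `helper_method` now exports `:attachment_collection`, but none of the hunks in this file defines a method or reader of that name; the actions only assign `@attachment_collection`. Unless it exists outside the hunks, a view that calls the helper will raise NoMethodError, and a private `attr_reader :attachment_collection` in the `included` block would cover it. In addition, `index`, `new` and `create` pass no context object at all, whereas the sibling attachments concern in this release passes `attached_to: attached_to`; if the decision should depend on the parent, add `collection_for: collection_for` to those three calls.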
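--- a/data/app/controllers/decidim/admin/concerns/has_attachments.rb
+++ b/data/app/controllers/decidim/admin/concerns/has_attachments.rb
@@ -13,22 +13,22 @@ module Decidim
  extend ActiveSupport::Concern
 
  included do
- helper_method :attached_to, :authorization_object
+ helper_method :attached_to, :attachment
 
  def index
- authorize! :read, authorization_object
+ enforce_permission_to :read, :attachment, attached_to: attached_to
 
  render template: "decidim/admin/attachments/index"
  end
 
  def new
- authorize! :create, authorization_object
+ enforce_permission_to :create, :attachment, attached_to: attached_to
  @form = form(AttachmentForm).from_params({}, attached_to: attached_to)
  render template: "decidim/admin/attachments/new"
  end
 
  def create
- authorize! :create, authorization_object
+ enforce_permission_to :create, :attachment, attached_to: attached_to
  @form = form(AttachmentForm).from_params(params, attached_to: attached_to)
 
  CreateAttachment.call(@form, attached_to) do
@@ -46,14 +46,14 @@ module Decidim
 
  def edit
  @attachment = collection.find(params[:id])
- authorize! :update, authorization_object
+ enforce_permission_to :update, :attachment, attachment: attachment
  @form = form(AttachmentForm).from_model(@attachment, attached_to: attached_to)
  render template: "decidim/admin/attachments/edit"
  end
 
  def update
  @attachment = collection.find(params[:id])
- authorize! :update, authorization_object
+ enforce_permission_to :update, :attachment, attachment: attachment
  @form = form(AttachmentForm).from_params(attachment_params, attached_to: attached_to)
 
  UpdateAttachment.call(@attachment, @form) do
@@ -71,13 +71,13 @@ module Decidim
 
  def show
  @attachment = collection.find(params[:id])
- authorize! :read, authorization_object
+ enforce_permission_to :read, :attachment, attachment: attachment
  render template: "decidim/admin/attachments/show"
  end
 
  def destroy
  @attachment = collection.find(params[:id])
- authorize! :destroy, authorization_object
+ enforce_permission_to :destroy, :attachment, attachment: attachment
  @attachment.destroy!
 
  flash[:notice] = I18n.t("attachments.destroy.success", scope: "decidim.admin")
@@ -103,7 +103,7 @@ module Decidim
  # verify the user can manage the attachments
  #
  # By default is the same as the attached_to.
- def authorization_object
+ def attachment
  attached_to
  end
 
@@ -111,6 +111,8 @@ module Decidim
  @collection ||= attached_to.attachments
  end
 
+ attr_reader :attachment
+
  private
 
  def attachment_params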
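Review bot: `attachment` ends up defined twice in this concern: the renamed `def attachment` returns `attached_to`, and the added `attr_reader :attachment` returns `@attachment`. If both sit in the same scope, the later `attr_reader` replaces the method and the "By default is the same as the attached_to" comment then describes dead code; if they do not, `edit`, `update`, `show` and `destroy` hand the parent object to the permission check instead of the record just loaded. Passing the instance variable removes the ambiguity, `enforce_permission_to :update, :attachment, attachment: @attachment`, after which the renamed method can be dropped or given back its old name. The `attr_reader` is also placed above `private`, which makes `attachment` a public controller method.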
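--- a/data/app/controllers/decidim/admin/concerns/has_private_users.rb
+++ b/data/app/controllers/decidim/admin/concerns/has_private_users.rb
@@ -16,19 +16,19 @@ module Decidim
  helper_method :privatable_to, :authorization_object, :collection
 
  def index
- authorize! :read, authorization_object
+ enforce_permission_to :read, :space_private_user
 
  render template: "decidim/admin/participatory_space_private_users/index"
  end
 
  def new
- authorize! :create, authorization_object
+ enforce_permission_to :create, :space_private_user
  @form = form(ParticipatorySpacePrivateUserForm).from_params({}, privatable_to: privatable_to)
  render template: "decidim/admin/participatory_space_private_users/new"
  end
 
  def create
- authorize! :create, authorization_object
+ enforce_permission_to :create, :space_private_user
  @form = form(ParticipatorySpacePrivateUserForm).from_params(params, privatable_to: privatable_to)
 
  CreateParticipatorySpacePrivateUser.call(@form, current_user, current_participatory_space) do
@@ -46,7 +46,7 @@ module Decidim
 
  def destroy
  @private_user = collection.find(params[:id])
- authorize! :destroy, authorization_object
+ enforce_permission_to :destroy, :space_private_user, private_user: @private_user
  @private_user.destroy!
 
  flash[:notice] = I18n.t("participatory_space_private_users.destroy.success", scope: "decidim.admin")
@@ -56,7 +56,7 @@ module Decidim
 
  def resend_invitation
  @private_user = collection.find(params[:id])
- authorize! :invite, authorization_object
+ enforce_permission_to :invite, :space_private_user, private_user: @private_user
  InviteUserAgain.call(@private_user.user, "invite_private_user") do
  on(:ok) do
  flash[:notice] = I18n.t("users.resend_invitation.success", scope: "decidim.admin")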
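Review bot: The checks in `index`, `new` and `create` no longer receive any object, where the old calls passed `authorization_object`, so the decision rests entirely on whatever the controller's permissions context supplies, which is not visible in these hunks. Please confirm the current participatory space reaches the permissions class, or pass it explicitly, e.g. `enforce_permission_to :read, :space_private_user, privatable_to: privatable_to`. `authorization_object` is still listed in `helper_method` although no check uses it any more. The context key `private_user:` also differs from the subject name `:space_private_user`, unlike the `area:`, `category:` and `component:` pattern used in the other controllers of this release, so a one-line comment naming the expected key would help whoever maintains the permissions class.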