diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index bbaaddf7..9abd2b54 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -28,4 +28,9 @@ def require_user!
 save_passwordless_redirect_location!(User)
 redirect_to auth_sign_in_url, flash: { notice: 'Please sign in.' }
 end
+
+ def require_company_owner_or_admin!
+ return if current_user.owner? || current_user.admin?
+ redirect_to root_url, flash: { error: 'You are not authorized to access this page.' }
+ end
 end
diff --git a/app/controllers/settings_controller.rb b/app/controllers/settings_controller.rb
index 896e2a52..c148e5be 100644
--- a/app/controllers/settings_controller.rb
+++ b/app/controllers/settings_controller.rb
@@ -1,4 +1,21 @@
 class SettingsController < ApplicationController
+
+ before_action :require_company_owner_or_admin!
 def show
 end
+
+ def update
+ if current_company.update(update_params)
+ flash[:success] = "Company updated successfully"
+ redirect_to settings_path
+ else
+ render :show
+ end
+ end
+
+ private
+
+ def update_params
+ params.require(:company).permit(:name)
+ end
 end
diff --git a/app/javascript/controllers/flash_controller.js b/app/javascript/controllers/flash_controller.js
new file mode 100644
index 00000000..51064bdc
--- /dev/null
+++ b/app/javascript/controllers/flash_controller.js
@@ -0,0 +1,10 @@
+import { Controller } from "@hotwired/stimulus"
+
+// Connects to data-controller="settings-tabs"
+export default class extends Controller {
+
+ close() {
+ this.element.remove()
+ }
+}
+
diff --git a/app/models/user.rb b/app/models/user.rb
index 4610e52a..f90a7220 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -18,4 +18,8 @@ class User < ApplicationRecord
 def owner?
 memberships.find_by(company: current_company).role == Membership::OWNER
 end
+
+ def admin?
+ memberships.find_by(company: current_company).role == Membership::ADMIN
+ end
 end
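Review bot: In app/controllers/application_controller.rb, `require_company_owner_or_admin!` calls `current_user.owner?` with no check that a user is signed in, so it is only safe if `require_user!` has already run and halted the request for anonymous visitors. That ordering is not visible in this diff. If it is not guaranteed, an unauthenticated request raises NoMethodError instead of being turned away cleanly. Writing the guard as `return if current_user&.owner? || current_user&.admin?` lets a nil user fall through to the redirect, so the filter denies by default. A one-line comment above the method stating that it is a `before_action` filter expected to run after `require_user!` would also help.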
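Review bot: In app/controllers/settings_controller.rb, the failure branch of `update` re-renders with `render :show` and the default 200 status. If the form is submitted through Turbo, which seems likely given the `@hotwired/stimulus` import elsewhere in this commit, the validation errors will not be displayed unless the response is a 4xx. I would change it to `render :show, status: :unprocessable_entity`. Separately, the new `before_action` is the only thing standing between an ordinary member and a company rename, so a request spec asserting that a non-owner, non-admin member is redirected on both `show` and `update` would be worth adding with this change.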
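Review bot: In app/javascript/controllers/flash_controller.js, the header comment names the wrong controller: the file is `flash_controller.js`, so by Stimulus naming it connects to `data-controller="flash"`, not `settings-tabs`. The comment looks copied from another controller and should read `// Connects to data-controller="flash"`. A short note that `close()` removes the flash element from the DOM would complete it.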
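Review bot: In app/models/user.rb, `admin?` calls `.role` on the result of `memberships.find_by(company: current_company)`, which is nil when the user has no membership row for that company. The authorization filter that calls this predicate would then raise NoMethodError (a 500) instead of returning false and redirecting. Using safe navigation, `memberships.find_by(company: current_company)&.role == Membership::ADMIN`, makes the predicate return false for non-members. The `owner?` method in the context lines has the same pattern and needs the same fix. Where `current_company` comes from inside the model is not visible in this hunk; it should resolve to the same company that `SettingsController#update` writes to, otherwise the role check and the mutation could refer to different tenants.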
diff --git a/app/views/settings/show.html.erb b/app/views/settings/show.html.erb index 01fbd96d..7bc14ffd 100644 --- a/app/views/settings/show.html.erb +++ b/app/views/settings/show.html.erb @@ -1 +1,26 @@ -<%= render(Settings::TabsComponent.new) %> \ No newline at end of file +<%= render(Settings::TabsComponent.new) %> + +
This is an area that might make sense for a company's default settings (projects bill monthly, etc.)
+ +