diff --git a/decidim-admin/app/controllers/decidim/admin/static_page_topics_controller.rb b/decidim-admin/app/controllers/decidim/admin/static_page_topics_controller.rb index 9c5244b355eda..4d984bbfcb845 100644 --- a/decidim-admin/app/controllers/decidim/admin/static_page_topics_controller.rb +++ b/decidim-admin/app/controllers/decidim/admin/static_page_topics_controller.rb @@ -64,9 +64,7 @@ def destroy private def topic - @topic ||= StaticPageTopic.where( - organization: current_organization - ).find(params[:id]) + @topic ||= current_organization.static_page_topics.find(params[:id]) end end end diff --git a/decidim-assemblies/app/controllers/decidim/assemblies/admin/assemblies_types_controller.rb b/decidim-assemblies/app/controllers/decidim/assemblies/admin/assemblies_types_controller.rb index b725c5d431b25..a90cd46fce40b 100644 --- a/decidim-assemblies/app/controllers/decidim/assemblies/admin/assemblies_types_controller.rb +++ b/decidim-assemblies/app/controllers/decidim/assemblies/admin/assemblies_types_controller.rb @@ -95,7 +95,7 @@ def available_assemblies_types end def current_assembly_type - @current_assembly_type ||= AssembliesType.find(params[:id]) + @current_assembly_type ||= available_assemblies_types.find(params[:id]) end def assembly_type_form diff --git a/decidim-assemblies/app/controllers/decidim/assemblies/admin/assembly_members_controller.rb b/decidim-assemblies/app/controllers/decidim/assemblies/admin/assembly_members_controller.rb index eb425117f9f3f..371be8015c154 100644 --- a/decidim-assemblies/app/controllers/decidim/assemblies/admin/assembly_members_controller.rb +++ b/decidim-assemblies/app/controllers/decidim/assemblies/admin/assembly_members_controller.rb @@ -79,7 +79,7 @@ def destroy private def collection - @collection ||= Decidim::AssemblyMember.where(assembly: current_assembly) + @collection ||= current_assembly.members end end end diff --git a/decidim-budgets/app/controllers/decidim/budgets/admin/application_controller.rb b/decidim-budgets/app/controllers/decidim/budgets/admin/application_controller.rb index ea46a80f4bb71..88d0e91fb6839 100644 --- a/decidim-budgets/app/controllers/decidim/budgets/admin/application_controller.rb +++ b/decidim-budgets/app/controllers/decidim/budgets/admin/application_controller.rb @@ -22,8 +22,6 @@ def projects end def project - return unless projects - @project ||= projects.find(params[:id]) end end diff --git a/decidim-budgets/app/controllers/decidim/budgets/admin/attachment_collections_controller.rb b/decidim-budgets/app/controllers/decidim/budgets/admin/attachment_collections_controller.rb index 040f0949c292b..971864952282f 100644 --- a/decidim-budgets/app/controllers/decidim/budgets/admin/attachment_collections_controller.rb +++ b/decidim-budgets/app/controllers/decidim/budgets/admin/attachment_collections_controller.rb @@ -17,7 +17,7 @@ def collection_for end def project - @project ||= Decidim::Budgets::Project.find(params[:project_id]) + @project ||= Decidim::Budgets::Project.joins(:budget).where(budget: { component: current_component }).find(params[:project_id]) end end end diff --git a/decidim-budgets/app/controllers/decidim/budgets/admin/attachments_controller.rb b/decidim-budgets/app/controllers/decidim/budgets/admin/attachments_controller.rb index 832bdbcad67fd..333d89be30924 100644 --- a/decidim-budgets/app/controllers/decidim/budgets/admin/attachments_controller.rb +++ b/decidim-budgets/app/controllers/decidim/budgets/admin/attachments_controller.rb @@ -17,8 +17,12 @@ def attached_to project end + def projects + @projects ||= Decidim::Budgets::Project.joins(:budget).where(budget: { component: current_component }) + end + def project - @project ||= Decidim::Budgets::Project.find(params[:project_id]) + @project ||= projects.find(params[:project_id]) end end end diff --git a/decidim-budgets/app/controllers/decidim/budgets/admin/budgets_controller.rb b/decidim-budgets/app/controllers/decidim/budgets/admin/budgets_controller.rb index 686067ff88453..5d822c03b49d8 100644 --- a/decidim-budgets/app/controllers/decidim/budgets/admin/budgets_controller.rb +++ b/decidim-budgets/app/controllers/decidim/budgets/admin/budgets_controller.rb @@ -79,7 +79,7 @@ def budget end def orders - @orders ||= Order.where(decidim_budgets_budget_id: budgets) + @orders ||= Order.where(budget: budgets) end def pending_orders diff --git a/decidim-budgets/app/controllers/decidim/budgets/line_items_controller.rb b/decidim-budgets/app/controllers/decidim/budgets/line_items_controller.rb index f81b01e2f3ed9..d4c6fac6cdd9c 100644 --- a/decidim-budgets/app/controllers/decidim/budgets/line_items_controller.rb +++ b/decidim-budgets/app/controllers/decidim/budgets/line_items_controller.rb @@ -44,11 +44,11 @@ def destroy private def project - @project ||= Project.includes(:budget).find_by(id: params[:project_id], decidim_budgets_budget_id: params[:budget_id]) + @project ||= budget&.projects&.find_by(id: params[:project_id]) end def budget - @budget ||= project.budget + @budget ||= Budget.find_by(id: params[:budget_id], component: current_component) end end end diff --git a/decidim-budgets/app/controllers/decidim/budgets/orders_controller.rb b/decidim-budgets/app/controllers/decidim/budgets/orders_controller.rb index 19e08b467596b..f30011144b4bf 100644 --- a/decidim-budgets/app/controllers/decidim/budgets/orders_controller.rb +++ b/decidim-budgets/app/controllers/decidim/budgets/orders_controller.rb @@ -39,7 +39,7 @@ def destroy private def budget - @budget ||= Budget.find_by(id: params[:budget_id]) + @budget ||= Budget.find_by(id: params[:budget_id], component: current_component) end def redirect_path diff --git a/decidim-budgets/app/controllers/decidim/budgets/projects_controller.rb b/decidim-budgets/app/controllers/decidim/budgets/projects_controller.rb index f7101774c5d5d..a4f2f53044da1 100644 --- a/decidim-budgets/app/controllers/decidim/budgets/projects_controller.rb +++ b/decidim-budgets/app/controllers/decidim/budgets/projects_controller.rb @@ -37,7 +37,7 @@ def all_geocoded_projects end def project - @project ||= Project.find_by(id: params[:id]) + @project ||= budget&.projects&.find_by(id: params[:id]) end def search_collection diff --git a/decidim-conferences/app/controllers/decidim/conferences/admin/conference_invites_controller.rb b/decidim-conferences/app/controllers/decidim/conferences/admin/conference_invites_controller.rb index 2df275232742c..3292fe9daccba 100644 --- a/decidim-conferences/app/controllers/decidim/conferences/admin/conference_invites_controller.rb +++ b/decidim-conferences/app/controllers/decidim/conferences/admin/conference_invites_controller.rb @@ -10,29 +10,31 @@ class ConferenceInvitesController < Decidim::Conferences::Admin::ApplicationCont helper_method :conference + alias conference current_participatory_space + def index - enforce_permission_to :read_invites, :conference, conference: conference + enforce_permission_to(:read_invites, :conference, conference: current_participatory_space) @query = params[:q] @status = params[:status] - @conference_invites = Decidim::Conferences::Admin::ConferenceInvites.for(conference.conference_invites, @query, @status).page(params[:page]).per(15) + @conference_invites = Decidim::Conferences::Admin::ConferenceInvites.for(current_participatory_space.conference_invites, @query, @status).page(params[:page]).per(15) end def new - enforce_permission_to :invite_attendee, :conference, conference: conference + enforce_permission_to(:invite_attendee, :conference, conference: current_participatory_space) @form = form(ConferenceRegistrationInviteForm).instance end def create - enforce_permission_to :invite_attendee, :conference, conference: conference + enforce_permission_to(:invite_attendee, :conference, conference: current_participatory_space) @form = form(ConferenceRegistrationInviteForm).from_params(params) - InviteUserToJoinConference.call(@form, conference, current_user) do + InviteUserToJoinConference.call(@form, current_participatory_space, current_user) do on(:ok) do flash[:notice] = I18n.t("conference_invites.create.success", scope: "decidim.conferences.admin") - redirect_to conference_conference_invites_path(conference) + redirect_to conference_conference_invites_path(current_participatory_space) end on(:invalid) do @@ -41,12 +43,6 @@ def create end end end - - private - - def conference - @conference ||= Decidim::Conference.find_by(slug: params[:conference_slug]) - end end end end diff --git a/decidim-conferences/app/controllers/decidim/conferences/admin/conference_registrations_controller.rb b/decidim-conferences/app/controllers/decidim/conferences/admin/conference_registrations_controller.rb index 6302c8f7310e7..23311e682dff1 100644 --- a/decidim-conferences/app/controllers/decidim/conferences/admin/conference_registrations_controller.rb +++ b/decidim-conferences/app/controllers/decidim/conferences/admin/conference_registrations_controller.rb @@ -11,16 +11,18 @@ class ConferenceRegistrationsController < Decidim::Conferences::Admin::Applicati helper_method :conference + alias conference current_participatory_space + def index - enforce_permission_to :read_conference_registrations, :conference, conference: conference + enforce_permission_to(:read_conference_registrations, :conference, conference: current_participatory_space) - @conference_registrations = paginate(Decidim::Conferences::ConferenceRegistration.where(conference: conference)) + @conference_registrations = paginate(current_participatory_space.conference_registrations) end def export - enforce_permission_to :export_conference_registrations, :conference, conference: conference + enforce_permission_to(:export_conference_registrations, :conference, conference: current_participatory_space) - ExportConferenceRegistrations.call(conference, params[:format], current_user) do + ExportConferenceRegistrations.call(current_participatory_space, params[:format], current_user) do on(:ok) do |export_data| send_data export_data.read, type: "text/#{export_data.extension}", filename: export_data.filename("conference_registrations") end @@ -28,7 +30,7 @@ def export end def confirm - enforce_permission_to :confirm, :conference_registration, conference_registration: conference_registration + enforce_permission_to(:confirm, :conference_registration, conference_registration: conference_registration) ConfirmConferenceRegistration.call(conference_registration, current_user) do on(:ok) do @@ -45,14 +47,10 @@ def confirm private - def conference - @conference ||= Decidim::Conference.find_by(slug: params[:conference_slug]) - end - def conference_registration return if params[:id].blank? - @conference_registration ||= conference.conference_registrations.find_by(id: params[:id]) + @conference_registration ||= current_participatory_space.conference_registrations.find_by(id: params[:id]) end end end diff --git a/decidim-conferences/app/controllers/decidim/conferences/admin/conference_speakers_controller.rb b/decidim-conferences/app/controllers/decidim/conferences/admin/conference_speakers_controller.rb index e7d9cb29a21d3..b91925050fd9c 100644 --- a/decidim-conferences/app/controllers/decidim/conferences/admin/conference_speakers_controller.rb +++ b/decidim-conferences/app/controllers/decidim/conferences/admin/conference_speakers_controller.rb @@ -85,7 +85,7 @@ def conference_speaker end def collection - @collection ||= Decidim::ConferenceSpeaker.where(conference: current_conference) + @collection ||= current_conference.speakers end end end diff --git a/decidim-conferences/app/controllers/decidim/conferences/admin/media_links_controller.rb b/decidim-conferences/app/controllers/decidim/conferences/admin/media_links_controller.rb index c1475b9264a9e..65639582da2c3 100644 --- a/decidim-conferences/app/controllers/decidim/conferences/admin/media_links_controller.rb +++ b/decidim-conferences/app/controllers/decidim/conferences/admin/media_links_controller.rb @@ -75,7 +75,7 @@ def destroy private def collection - @collection ||= Decidim::Conferences::MediaLink.where(conference: current_conference) + @collection ||= current_conference.media_links end end end diff --git a/decidim-conferences/app/controllers/decidim/conferences/admin/partners_controller.rb b/decidim-conferences/app/controllers/decidim/conferences/admin/partners_controller.rb index 8b555e4387e98..8d05518d6d4b8 100644 --- a/decidim-conferences/app/controllers/decidim/conferences/admin/partners_controller.rb +++ b/decidim-conferences/app/controllers/decidim/conferences/admin/partners_controller.rb @@ -76,7 +76,7 @@ def destroy private def collection - @collection ||= Decidim::Conferences::Partner.where(conference: current_conference) + @collection ||= current_conference.partners end end end diff --git a/decidim-conferences/app/controllers/decidim/conferences/admin/registration_type_publications_controller.rb b/decidim-conferences/app/controllers/decidim/conferences/admin/registration_type_publications_controller.rb index 3aa9e32a6165f..4f63e2374b889 100644 --- a/decidim-conferences/app/controllers/decidim/conferences/admin/registration_type_publications_controller.rb +++ b/decidim-conferences/app/controllers/decidim/conferences/admin/registration_type_publications_controller.rb @@ -45,7 +45,7 @@ def destroy private def collection - @collection ||= Decidim::Conferences::RegistrationType.where(conference: current_conference) + @collection ||= current_conference.registration_types end end end diff --git a/decidim-conferences/app/controllers/decidim/conferences/admin/registration_types_controller.rb b/decidim-conferences/app/controllers/decidim/conferences/admin/registration_types_controller.rb index 89fae071525cb..ae70693797db7 100644 --- a/decidim-conferences/app/controllers/decidim/conferences/admin/registration_types_controller.rb +++ b/decidim-conferences/app/controllers/decidim/conferences/admin/registration_types_controller.rb @@ -77,7 +77,7 @@ def destroy private def collection - @collection ||= Decidim::Conferences::RegistrationType.where(conference: current_conference) + @collection ||= current_conference.registration_types end end end diff --git a/decidim-conferences/app/controllers/decidim/conferences/conference_registrations_controller.rb b/decidim-conferences/app/controllers/decidim/conferences/conference_registrations_controller.rb index f4cbb493209ae..74e6d1da22428 100644 --- a/decidim-conferences/app/controllers/decidim/conferences/conference_registrations_controller.rb +++ b/decidim-conferences/app/controllers/decidim/conferences/conference_registrations_controller.rb @@ -71,7 +71,7 @@ def ensure_signed_in end def conference - @conference ||= Conference.find_by(slug: params[:conference_slug]) + @conference ||= Conference.find_by(slug: params[:conference_slug], organization: current_organization) end def registration_type diff --git a/decidim-core/app/controllers/decidim/authorization_modals_controller.rb b/decidim-core/app/controllers/decidim/authorization_modals_controller.rb index 4bff52f008ccd..47441b6e13eac 100644 --- a/decidim-core/app/controllers/decidim/authorization_modals_controller.rb +++ b/decidim-core/app/controllers/decidim/authorization_modals_controller.rb @@ -17,7 +17,7 @@ def resource end def current_component - @current_component ||= Decidim::Component.find(params[:component_id]) + @current_component ||= Decidim::Component.where(participatory_space: current_organization.participatory_spaces).find(params[:component_id]) end def authorization_action diff --git a/decidim-core/app/controllers/decidim/short_links_controller.rb b/decidim-core/app/controllers/decidim/short_links_controller.rb index 192f70fdcfa9e..22f42f3b430f8 100644 --- a/decidim-core/app/controllers/decidim/short_links_controller.rb +++ b/decidim-core/app/controllers/decidim/short_links_controller.rb @@ -29,7 +29,7 @@ def show # # @return [Decidim::ShortLink] The short link matching the identifier def link - @link ||= Decidim::ShortLink.find_by(identifier: params[:id]) + @link ||= Decidim::ShortLink.find_by(identifier: params[:id], organization: current_organization) end end end diff --git a/decidim-core/app/models/decidim/organization.rb b/decidim-core/app/models/decidim/organization.rb index 89874f00c2585..e1aacd548cf03 100644 --- a/decidim-core/app/models/decidim/organization.rb +++ b/decidim-core/app/models/decidim/organization.rb @@ -87,6 +87,12 @@ def top_scopes @top_scopes ||= scopes.top_level end + def participatory_spaces + @participatory_spaces ||= Decidim.participatory_space_manifests.flat_map do |manifest| + manifest.participatory_spaces.call(self) + end + end + def public_participatory_spaces @public_participatory_spaces ||= Decidim.participatory_space_manifests.flat_map do |manifest| manifest.participatory_spaces.call(self).public_spaces diff --git a/decidim-elections/app/controllers/decidim/elections/admin/trustees_participatory_spaces_controller.rb b/decidim-elections/app/controllers/decidim/elections/admin/trustees_participatory_spaces_controller.rb index f30c2caa7151b..8a120711c9848 100644 --- a/decidim-elections/app/controllers/decidim/elections/admin/trustees_participatory_spaces_controller.rb +++ b/decidim-elections/app/controllers/decidim/elections/admin/trustees_participatory_spaces_controller.rb @@ -72,7 +72,7 @@ def destroy private def trustee_participatory_space - @trustee_participatory_space ||= TrusteesParticipatorySpace.find_by(id: params[:id]) + @trustee_participatory_space ||= TrusteesParticipatorySpace.find_by(id: params[:id], participatory_space: current_participatory_space) end def trustees diff --git a/decidim-elections/app/controllers/decidim/votings/admin/votings_landing_page_content_blocks_controller.rb b/decidim-elections/app/controllers/decidim/votings/admin/votings_landing_page_content_blocks_controller.rb index c7ba3af1c5022..f0157162a1b63 100644 --- a/decidim-elections/app/controllers/decidim/votings/admin/votings_landing_page_content_blocks_controller.rb +++ b/decidim-elections/app/controllers/decidim/votings/admin/votings_landing_page_content_blocks_controller.rb @@ -18,7 +18,7 @@ def content_block_scope end def scoped_resource - @scoped_resource ||= Voting.find_by(slug: params[:voting_slug]) + @scoped_resource ||= Voting.find_by(slug: params[:voting_slug], organization: current_organization) end def enforce_permission_to_update_resource diff --git a/decidim-elections/app/controllers/decidim/votings/admin/votings_landing_page_controller.rb b/decidim-elections/app/controllers/decidim/votings/admin/votings_landing_page_controller.rb index 0fc7d1f6a3e24..da92ba82df5db 100644 --- a/decidim-elections/app/controllers/decidim/votings/admin/votings_landing_page_controller.rb +++ b/decidim-elections/app/controllers/decidim/votings/admin/votings_landing_page_controller.rb @@ -16,7 +16,7 @@ def content_block_scope end def scoped_resource - @scoped_resource ||= Voting.find_by(slug: params[:voting_slug]) + @scoped_resource ||= Voting.find_by(slug: params[:voting_slug], organization: current_organization) end def enforce_permission_to_update_resource diff --git a/decidim-elections/app/controllers/decidim/votings/polling_officer_zone/closures_controller.rb b/decidim-elections/app/controllers/decidim/votings/polling_officer_zone/closures_controller.rb index 81b19df180bcd..6e3e88cbc155d 100644 --- a/decidim-elections/app/controllers/decidim/votings/polling_officer_zone/closures_controller.rb +++ b/decidim-elections/app/controllers/decidim/votings/polling_officer_zone/closures_controller.rb @@ -111,7 +111,10 @@ def polling_officer end def election - @election ||= Decidim::Elections::Election.includes(questions: :answers).find_by(id: params[:election_id]) + @election ||= Decidim::Elections::Election.joins(:component) + .where(component: { participatory_space: current_organization.participatory_spaces }) + .includes(questions: :answers) + .find_by(id: params[:election_id]) end def polling_station diff --git a/decidim-elections/app/controllers/decidim/votings/polling_officer_zone/in_person_votes_controller.rb b/decidim-elections/app/controllers/decidim/votings/polling_officer_zone/in_person_votes_controller.rb index 3c17014532f32..d8d07dc8c2e34 100644 --- a/decidim-elections/app/controllers/decidim/votings/polling_officer_zone/in_person_votes_controller.rb +++ b/decidim-elections/app/controllers/decidim/votings/polling_officer_zone/in_person_votes_controller.rb @@ -121,7 +121,10 @@ def voted_online? end def election - @election ||= Decidim::Elections::Election.find(params[:election_id]) + @election ||= Decidim::Elections::Election.joins(:component) + .where(component: { participatory_space: current_organization.participatory_spaces }) + .includes(questions: :answers) + .find_by(id: params[:election_id]) end def polling_officer diff --git a/decidim-elections/app/controllers/decidim/votings/votings_controller.rb b/decidim-elections/app/controllers/decidim/votings/votings_controller.rb index 63f43850d7731..0903d783e4a49 100644 --- a/decidim-elections/app/controllers/decidim/votings/votings_controller.rb +++ b/decidim-elections/app/controllers/decidim/votings/votings_controller.rb @@ -103,7 +103,7 @@ def datum end def election - @election ||= Decidim::Elections::Election.find(params[:election_id]) + @election ||= Decidim::Elections::Election.where(component: current_participatory_space.components).find(params[:election_id]) end def elections diff --git a/decidim-initiatives/app/controllers/decidim/initiatives/admin/committee_requests_controller.rb b/decidim-initiatives/app/controllers/decidim/initiatives/admin/committee_requests_controller.rb index 81fd0ab411ebf..a63dcf2c9c6b9 100644 --- a/decidim-initiatives/app/controllers/decidim/initiatives/admin/committee_requests_controller.rb +++ b/decidim-initiatives/app/controllers/decidim/initiatives/admin/committee_requests_controller.rb @@ -41,7 +41,7 @@ def revoke private def membership_request - @membership_request ||= InitiativesCommitteeMember.find(params[:id]) + @membership_request ||= InitiativesCommitteeMember.where(initiative: current_participatory_space).find(params[:id]) end end end diff --git a/decidim-initiatives/app/controllers/decidim/initiatives/admin/initiatives_type_scopes_controller.rb b/decidim-initiatives/app/controllers/decidim/initiatives/admin/initiatives_type_scopes_controller.rb index 9acb335528a1d..051640ed254ef 100644 --- a/decidim-initiatives/app/controllers/decidim/initiatives/admin/initiatives_type_scopes_controller.rb +++ b/decidim-initiatives/app/controllers/decidim/initiatives/admin/initiatives_type_scopes_controller.rb @@ -69,7 +69,7 @@ def destroy private def current_initiative_type_scope - @current_initiative_type_scope ||= InitiativesTypeScope.find(params[:id]) + @current_initiative_type_scope ||= InitiativesTypeScope.joins(:type).where(decidim_initiatives_types: { organization: current_organization }).find(params[:id]) end def initiative_type_scope_form diff --git a/decidim-initiatives/app/controllers/decidim/initiatives/admin/initiatives_types_controller.rb b/decidim-initiatives/app/controllers/decidim/initiatives/admin/initiatives_types_controller.rb index 52ac554e3ec76..6725e1d99a80d 100644 --- a/decidim-initiatives/app/controllers/decidim/initiatives/admin/initiatives_types_controller.rb +++ b/decidim-initiatives/app/controllers/decidim/initiatives/admin/initiatives_types_controller.rb @@ -84,7 +84,7 @@ def destroy private def current_initiative_type - @current_initiative_type ||= InitiativesType.find(params[:id]) + @current_initiative_type ||= InitiativesType.where(organization: current_organization).find(params[:id]) end def initiative_type_form diff --git a/decidim-initiatives/app/controllers/decidim/initiatives/committee_requests_controller.rb b/decidim-initiatives/app/controllers/decidim/initiatives/committee_requests_controller.rb index cc12703f3e879..238a3247bed14 100644 --- a/decidim-initiatives/app/controllers/decidim/initiatives/committee_requests_controller.rb +++ b/decidim-initiatives/app/controllers/decidim/initiatives/committee_requests_controller.rb @@ -70,7 +70,7 @@ def revoke private def membership_request - @membership_request ||= InitiativesCommitteeMember.find(params[:id]) + @membership_request ||= InitiativesCommitteeMember.where(initiative: current_participatory_space).find(params[:id]) end end end diff --git a/decidim-initiatives/app/controllers/decidim/initiatives/create_initiative_controller.rb b/decidim-initiatives/app/controllers/decidim/initiatives/create_initiative_controller.rb index 7c34c7705b657..1804347a681c7 100644 --- a/decidim-initiatives/app/controllers/decidim/initiatives/create_initiative_controller.rb +++ b/decidim-initiatives/app/controllers/decidim/initiatives/create_initiative_controller.rb @@ -163,11 +163,11 @@ def scopes end def current_initiative - Initiative.find(session_initiative[:id]) if session_initiative.has_key?(:id) + Initiative.where(organization: current_organization).find_by(id: session_initiative[:id]) if session_initiative.has_key?(:id) end def initiative_type - @initiative_type ||= InitiativesType.find(initiative_type_id) + @initiative_type ||= InitiativesType.where(organization: current_organization).find_by(id: initiative_type_id) end def initiative_type_id diff --git a/decidim-initiatives/app/controllers/decidim/initiatives/initiatives_type_scopes_controller.rb b/decidim-initiatives/app/controllers/decidim/initiatives/initiatives_type_scopes_controller.rb index defb8898c35d1..bf4891ff2d5d7 100644 --- a/decidim-initiatives/app/controllers/decidim/initiatives/initiatives_type_scopes_controller.rb +++ b/decidim-initiatives/app/controllers/decidim/initiatives/initiatives_type_scopes_controller.rb @@ -23,7 +23,7 @@ def scoped_types end def initiative_type - @initiative_type ||= InitiativesType.find(params[:type_id]) + @initiative_type ||= InitiativesType.where(organization: current_organization).find(params[:type_id]) end end end diff --git a/decidim-initiatives/app/controllers/decidim/initiatives/initiatives_type_signature_types_controller.rb b/decidim-initiatives/app/controllers/decidim/initiatives/initiatives_type_signature_types_controller.rb index 8b535aefdef73..bc7e6d0984f5d 100644 --- a/decidim-initiatives/app/controllers/decidim/initiatives/initiatives_type_signature_types_controller.rb +++ b/decidim-initiatives/app/controllers/decidim/initiatives/initiatives_type_signature_types_controller.rb @@ -14,7 +14,7 @@ def search private def allowed_signature_types_for_initiatives - @allowed_signature_types_for_initiatives ||= InitiativesType.find(params[:type_id]).allowed_signature_types_for_initiatives + @allowed_signature_types_for_initiatives ||= InitiativesType.where(organization: current_organization).find(params[:type_id]).allowed_signature_types_for_initiatives end end end diff --git a/decidim-initiatives/spec/controllers/decidim/initiatives/initiatives_type_scopes_controller_spec.rb b/decidim-initiatives/spec/controllers/decidim/initiatives/initiatives_type_scopes_controller_spec.rb index c389fe374a72d..fc907c84bbfa9 100644 --- a/decidim-initiatives/spec/controllers/decidim/initiatives/initiatives_type_scopes_controller_spec.rb +++ b/decidim-initiatives/spec/controllers/decidim/initiatives/initiatives_type_scopes_controller_spec.rb @@ -37,6 +37,10 @@ module Initiatives end describe "GET search" do + before do + request.env["decidim.current_organization"] = organization + end + it "Returns only scoped types for the given type" do expect(other_initiative_type.scopes).not_to be_empty diff --git a/decidim-participatory_processes/app/controllers/decidim/participatory_processes/admin/participatory_process_groups_controller.rb b/decidim-participatory_processes/app/controllers/decidim/participatory_processes/admin/participatory_process_groups_controller.rb index e6ef19d62d68a..55e5805212511 100644 --- a/decidim-participatory_processes/app/controllers/decidim/participatory_processes/admin/participatory_process_groups_controller.rb +++ b/decidim-participatory_processes/app/controllers/decidim/participatory_processes/admin/participatory_process_groups_controller.rb @@ -81,12 +81,11 @@ def destroy private def participatory_process_group - @participatory_process_group ||= Decidim::ParticipatoryProcessGroup.find(params[:id]) + @participatory_process_group ||= collection.find(params[:id]) end def collection - @collection ||= - OrganizationParticipatoryProcessGroups.new(current_user.organization).query + @collection ||= OrganizationParticipatoryProcessGroups.new(current_user.organization).query end end end diff --git a/decidim-participatory_processes/app/controllers/decidim/participatory_processes/admin/participatory_process_types_controller.rb b/decidim-participatory_processes/app/controllers/decidim/participatory_processes/admin/participatory_process_types_controller.rb index 60182a6d12ac8..812cc1ef7264a 100644 --- a/decidim-participatory_processes/app/controllers/decidim/participatory_processes/admin/participatory_process_types_controller.rb +++ b/decidim-participatory_processes/app/controllers/decidim/participatory_processes/admin/participatory_process_types_controller.rb @@ -86,7 +86,7 @@ def participatory_process_type_form end def current_participatory_process_type - @current_participatory_process_type ||= Decidim::ParticipatoryProcessType.find(params[:id]) + @current_participatory_process_type ||= collection.find(params[:id]) end def collection diff --git a/decidim-participatory_processes/app/controllers/decidim/participatory_processes/admin/participatory_processes_controller.rb b/decidim-participatory_processes/app/controllers/decidim/participatory_processes/admin/participatory_processes_controller.rb index e2a1fa10ef70f..59d46278297a8 100644 --- a/decidim-participatory_processes/app/controllers/decidim/participatory_processes/admin/participatory_processes_controller.rb +++ b/decidim-participatory_processes/app/controllers/decidim/participatory_processes/admin/participatory_processes_controller.rb @@ -77,7 +77,7 @@ def copy private def process_group - @process_group ||= ParticipatoryProcessGroup.find_by(id: ransack_params[:decidim_participatory_process_group_id_eq]) + @process_group ||= ParticipatoryProcessGroup.find_by(id: ransack_params[:decidim_participatory_process_group_id_eq], organization: current_organization) end def collection diff --git a/decidim-templates/app/controllers/decidim/templates/admin/questionnaire_templates/questionnaires_controller.rb b/decidim-templates/app/controllers/decidim/templates/admin/questionnaire_templates/questionnaires_controller.rb index b2b8b3a729c72..d8a5df6123c3f 100644 --- a/decidim-templates/app/controllers/decidim/templates/admin/questionnaire_templates/questionnaires_controller.rb +++ b/decidim-templates/app/controllers/decidim/templates/admin/questionnaire_templates/questionnaires_controller.rb @@ -33,7 +33,7 @@ def edit_questionnaire_title private def template - @template ||= Template.find(params[:id]) + @template ||= current_organization.templates.where(templatable_type: "Decidim::Forms::Questionnaire").find(params[:id]) end end end diff --git a/decidim-templates/app/controllers/decidim/templates/admin/questionnaire_templates_controller.rb b/decidim-templates/app/controllers/decidim/templates/admin/questionnaire_templates_controller.rb index 36944dc2c0cac..6fcb3b3882c63 100644 --- a/decidim-templates/app/controllers/decidim/templates/admin/questionnaire_templates_controller.rb +++ b/decidim-templates/app/controllers/decidim/templates/admin/questionnaire_templates_controller.rb @@ -142,7 +142,7 @@ def collection end def template - @template ||= Template.find_by(id: params[:id]) + @template ||= collection.find(params[:id]) end def search(term)