app/controllers/blazer/base_controller_decorator.rb


# https://stackoverflow.com/questions/77318060/blazer-raised-activerecordconnectionnotestablished
module Blazer
  module BaseControllerDecorator
    def self.prepended(base)
      base.around_action :set_writing_role
      base.before_action :restrict_organizer_access
    end

    # Annonymous block: https://www.rubydoc.info/gems/rubocop/RuboCop/Cop/Naming/BlockForwarding
    def set_writing_role(&block)
      ActiveRecord::Base.connected_to(role: :writing, &block)
    end

    def restrict_organizer_access
      return if spree_current_user.admin?

      return unless spree_current_user.organizer? || vendor_permissions?
      return if controller_name == 'queries' && %w[show run].include?(action_name)

      raise ActionController::RoutingError, 'Unauthorized'
    end

    private

    def current_vendor
      @current_vendor ||= vendors&.find_by(id: session[:vendor_id]) || vendors&.first
    end

    def vendors
      @vendors ||= spree_current_user&.vendors
    end

    def vendor_permissions?
      return false unless current_vendor

      permissions = spree_current_user.permissions_for_vendor(current_vendor.id)
      permissions.exists?(entry: 'shared_console/reports', action: 'view_reports')
    end
  end
end

Blazer::BaseController.prepend(Blazer::BaseControllerDecorator) unless Blazer::BaseController.ancestors.include?(Blazer::BaseControllerDecorator)