Maybe/app/controllers/invitations_controller.rb

class InvitationsController < ApplicationController
  skip_authentication only: :accept
  def new
    @invitation = Invitation.new
  end

  def create
    unless Current.user.admin?
      flash[:alert] = t(".failure")
      redirect_to settings_profile_path
      return
    end

    @invitation = Current.family.invitations.build(invitation_params)
    @invitation.inviter = Current.user

    if @invitation.save
      InvitationMailer.invite_email(@invitation).deliver_later unless self_hosted?
      flash[:notice] = t(".success")
    else
      flash[:alert] = t(".failure")
    end

    redirect_to settings_profile_path
  end

  def accept
    @invitation = Invitation.find_by!(token: params[:id])

    if @invitation.pending?
      redirect_to new_registration_path(invitation: @invitation.token)
    else
      raise ActiveRecord::RecordNotFound
    end
  end

  def destroy
    unless Current.user.admin?
      flash[:alert] = t("invitations.destroy.not_authorized")
      redirect_to settings_profile_path
      return
    end

    @invitation = Current.family.invitations.find(params[:id])

    if @invitation.destroy
      flash[:notice] = t("invitations.destroy.success")
    else
      flash[:alert] = t("invitations.destroy.failure")
    end

    redirect_to settings_profile_path
  end

  private

    def invitation_params
      params.require(:invitation).permit(:email, :role)
    end
end
Family invites (#1397) * Initial pass at household invites * Invitee setup * Clean up add member form * Lint and other tweaks * Security cleanup * Lint * i18n fixes * More i18n cleanup * Show pending invites * Don't use turbo on the form * Improved email design * Basic tests * Lint * Update onboardings_controller.rb * Registration + invite cleanup * Lint * Update brakeman.ignore * Update brakeman.ignore * Self host invite links * Test tweaks * Address missing param error 2024-11-01 10:23:27 -05:00			`class InvitationsController < ApplicationController`
			`skip_authentication only: :accept`
			`def new`
			`@invitation = Invitation.new`
			`end`

			`def create`
			`unless Current.user.admin?`
			`flash[:alert] = t(".failure")`
			`redirect_to settings_profile_path`
			`return`
			`end`

			`@invitation = Current.family.invitations.build(invitation_params)`
			`@invitation.inviter = Current.user`

			`if @invitation.save`
			`InvitationMailer.invite_email(@invitation).deliver_later unless self_hosted?`
			`flash[:notice] = t(".success")`
			`else`
			`flash[:alert] = t(".failure")`
			`end`

			`redirect_to settings_profile_path`
			`end`

			`def accept`
			`@invitation = Invitation.find_by!(token: params[:id])`

			`if @invitation.pending?`
			`redirect_to new_registration_path(invitation: @invitation.token)`
			`else`
			`raise ActiveRecord::RecordNotFound`
			`end`
			`end`

Add/remove members and invitations (#1744) * Add/remove members and invitations * Lint 2025-01-30 13:13:37 -06:00			`def destroy`
			`unless Current.user.admin?`
			`flash[:alert] = t("invitations.destroy.not_authorized")`
			`redirect_to settings_profile_path`
			`return`
			`end`

			`@invitation = Current.family.invitations.find(params[:id])`

			`if @invitation.destroy`
			`flash[:notice] = t("invitations.destroy.success")`
			`else`
			`flash[:alert] = t("invitations.destroy.failure")`
			`end`

			`redirect_to settings_profile_path`
			`end`

Family invites (#1397) * Initial pass at household invites * Invitee setup * Clean up add member form * Lint and other tweaks * Security cleanup * Lint * i18n fixes * More i18n cleanup * Show pending invites * Don't use turbo on the form * Improved email design * Basic tests * Lint * Update onboardings_controller.rb * Registration + invite cleanup * Lint * Update brakeman.ignore * Update brakeman.ignore * Self host invite links * Test tweaks * Address missing param error 2024-11-01 10:23:27 -05:00			`private`

			`def invitation_params`
			`params.require(:invitation).permit(:email, :role)`
			`end`
			`end`