diff --git a/app/channels/application_cable/connection.rb b/app/channels/application_cable/connection.rb
index cb6370d8e..85809ad2f 100644
--- a/app/channels/application_cable/connection.rb
+++ b/app/channels/application_cable/connection.rb
@@ -9,9 +9,8 @@ module ApplicationCable
private
def set_current_user
if session = find_session_by_cookie
- account = Account.find(request.env["fizzy.external_account_id"])
- user = session.identity.user.find_by!(account: account)
- self.current_user = user if user.active?
+ account = Account.find_by(external_account_id: request.env["fizzy.external_account_id"])
+ self.current_user = session.identity.users.find_by!(account: account) if account
end
end
diff --git a/app/controllers/users/email_addresses/confirmations_controller.rb b/app/controllers/users/email_addresses/confirmations_controller.rb
index 5e9deb703..5e5d8f0ed 100644
--- a/app/controllers/users/email_addresses/confirmations_controller.rb
+++ b/app/controllers/users/email_addresses/confirmations_controller.rb
@@ -2,24 +2,24 @@ class Users::EmailAddresses::ConfirmationsController < ApplicationController
disallow_account_scope
allow_unauthenticated_access
- before_action :set_membership
+ before_action :set_user
rate_limit to: 5, within: 1.hour, only: :create
def show
end
def create
- membership = Membership.change_email_address_using_token(token)
+ user = User.change_email_address_using_token(token)
terminate_session if Current.session
- start_new_session_for membership.reload.identity
+ start_new_session_for user.reload.identity
- redirect_to edit_user_url(script_name: "/#{@membership.tenant}", id: @membership.user)
+ redirect_to edit_user_url(script_name: user.account.slug, id: user)
end
private
- def set_membership
- @membership = Membership.find(params[:membership_id])
+ def set_user
+ @user = User.find(params[:user_id])
end
def token
diff --git a/app/controllers/users/email_addresses_controller.rb b/app/controllers/users/email_addresses_controller.rb
index f90c838b5..691c50e42 100644
--- a/app/controllers/users/email_addresses_controller.rb
+++ b/app/controllers/users/email_addresses_controller.rb
@@ -3,7 +3,7 @@ class Users::EmailAddressesController < ApplicationController
layout "public"
- before_action :set_membership
+ before_action :set_user
rate_limit to: 5, within: 1.hour, only: :create
def new
@@ -12,17 +12,17 @@ class Users::EmailAddressesController < ApplicationController
def create
identity = Identity.find_by_email_address(new_email_address)
- if identity&.memberships&.exists?(tenant: @membership.tenant)
+ if identity&.users&.exists?(account: @user.account)
flash[:alert] = "You already have a user in this account with that email address"
- redirect_to new_email_address_path
+ redirect_to new_user_email_address_path(@user)
else
- @membership.send_email_address_change_confirmation(new_email_address)
+ @user.send_email_address_change_confirmation(new_email_address)
end
end
private
- def set_membership
- @membership = Current.identity.memberships.find(params[:membership_id])
+ def set_user
+ @user = Current.identity.users.find(params[:user_id])
end
def new_email_address
diff --git a/app/models/board.rb b/app/models/board.rb
index b39e47441..9f1bcd5d7 100644
--- a/app/models/board.rb
+++ b/app/models/board.rb
@@ -1,8 +1,8 @@
class Board < ApplicationRecord
include Accessible, AutoPostponing, Broadcastable, Cards, Entropic, Filterable, Publishable, Triageable
- belongs_to :account, default: -> { creator.account }
belongs_to :creator, class_name: "User", default: -> { Current.user }
+ belongs_to :account, default: -> { creator.account }
has_rich_text :public_description
diff --git a/app/models/current.rb b/app/models/current.rb
index 26f4ef189..a8ef58461 100644
--- a/app/models/current.rb
+++ b/app/models/current.rb
@@ -7,8 +7,16 @@ class Current < ActiveSupport::CurrentAttributes
def session=(value)
super(value)
- if value.present? && Current.account.present?
- self.user = identity.users.find_by(account: Current.account)
+ if value.present? && account.present?
+ self.user = identity.users.find_by(account: account)
+ end
+ end
+
+ def account=(value)
+ super(value)
+
+ if value.present? && identity.present?
+ self.user = identity.users.find_by(account: value)
end
end
end
diff --git a/app/models/user.rb b/app/models/user.rb
index cef823a1f..6b985c2df 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -20,7 +20,7 @@ class User < ApplicationRecord
def deactivate
transaction do
accesses.destroy_all
- update! active: false
+ update! active: false, identity: nil
end
end
end
diff --git a/app/views/users/edit.html.erb b/app/views/users/edit.html.erb
index dda329f84..4dd365d23 100644
--- a/app/views/users/edit.html.erb
+++ b/app/views/users/edit.html.erb
@@ -40,7 +40,7 @@
<%= form.email_field :email_address, class: "input full-width", autocomplete: "username", placeholder: "Email address", required: true, readonly: true, value: @user.identity.email_address %>
- <%= link_to "Change email", new_email_address_url(script_name: nil, user_id: Current.user.id), class: "btn btn--plain txt-link txt-small txt-nowrap" %>
+ <%= link_to "Change email", new_user_email_address_url(script_name: nil, user_id: Current.user.id), class: "btn btn--plain txt-link txt-small txt-nowrap" %>