Allow admins to see whitelisted organizations

nygrenh · nygrenh · commit 320289b18202 · 2018-05-08T14:01:05.000+03:00
diff --git a/app/controllers/api/v8/organizations_controller.rb b/app/controllers/api/v8/organizations_controller.rb
@@ -48,7 +48,7 @@ class OrganizationsController < Api::V8::BaseController
       def index
         orgs = Organization
           .visible_organizations
-          .select { |org| org.visibility_allowed?(request) }
+          .select { |org| org.visibility_allowed?(request, current_user) }
           .map { |o| { name: o.name, information: o.information, slug: o.slug, logo_path: o.logo.url, pinned: o.pinned } }
         authorize! :read, orgs
         present(orgs)
diff --git a/app/controllers/courses_controller.rb b/app/controllers/courses_controller.rb
@@ -205,7 +205,7 @@ def assign_show_view_vars
 
   def set_organization
     @organization = Organization.find_by!(slug: params[:organization_id])
-    unauthorized! unless @organization.visibility_allowed?(request)
+    unauthorized! unless @organization.visibility_allowed?(request, current_user)
   end
 
   def set_course
diff --git a/app/controllers/organizations_controller.rb b/app/controllers/organizations_controller.rb
@@ -10,17 +10,17 @@ def index
     @organizations = Organization
       .accepted_organizations
       .order(ordering)
-      .reject { |org| org.hidden? && !can?(:view_hidden_organizations, nil) || !org.visibility_allowed?(request) }
-    @my_organizations = Organization.taught_organizations(current_user).select { |org| org.visibility_allowed?(request) }
-    @my_organizations |= Organization.assisted_organizations(current_user).select { |org| org.visibility_allowed?(request) }
-    @my_organizations |= Organization.participated_organizations(current_user).select { |org| org.visibility_allowed?(request) }
+      .reject { |org| org.hidden? && !can?(:view_hidden_organizations, nil) || !org.visibility_allowed?(request, current_user) }
+    @my_organizations = Organization.taught_organizations(current_user).select { |org| org.visibility_allowed?(request, current_user) }
+    @my_organizations |= Organization.assisted_organizations(current_user).select { |org| org.visibility_allowed?(request, current_user) }
+    @my_organizations |= Organization.participated_organizations(current_user).select { |org| org.visibility_allowed?(request, current_user) }
     @my_organizations.natsort_by!(&:name)
     @courses_under_initial_refresh = Course.where(initial_refresh_ready: false)
     @pinned_organizations = Organization
     .accepted_organizations
     .where(pinned: true)
     .order(ordering)
-    .select { |org| org.visibility_allowed?(request) }
+    .select { |org| org.visibility_allowed?(request, current_user) }
     .reject { |org| org.hidden? && !can?(:view_hidden_organizations, nil)}
     render layout: 'landing'
   end
@@ -100,7 +100,7 @@ def percent_completed_hash(courses, user)
 
   def set_organization
     @organization = Organization.find_by(slug: params[:id])
-    unauthorized! unless @organization.visibility_allowed?(request)
+    unauthorized! unless @organization.visibility_allowed?(request, current_user)
     raise ActiveRecord::RecordNotFound, 'Invalid organization id' if @organization.nil?
   end
 
diff --git a/app/models/organization.rb b/app/models/organization.rb
@@ -71,7 +71,8 @@ def find_by_slug(slug)
     Organization.where(slug: slug)
   end
 
-  def visibility_allowed?(request)
+  def visibility_allowed?(request, user)
+    return true if current.user.administrator?
     return true unless whitelisted_ips
     whitelisted_ips.include?(request.remote_ip)
   end
