
Feature #258

Updated by 關山 和丈 28 days ago

 
 ``` 
 # API関連 
       def authorize_patient!(patient) 
         return true if 
 unless current_pharmacist.admin? || patient.pharmacy_id pharmacy_id == current_pharmacist.pharmacy_id 

         
   render json: { error: "Unauthorized" }, status: :forbidden 
         false 
       end 

       def authorize_pharmacy_id!(pharmacy_id) 
         
   return true if current_pharmacist.admin? || pharmacy_id == current_pharmacist.pharmacy_id 

         render json: { error: "Unauthorized" }, status: :forbidden 
         false 
       
 end 
 ```
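Review bot: The `==` comparison against `current_pharmacist.pharmacy_id` in `authorize_pharmacy_id!` (and the matching comparison on `patient.pharmacy_id` in `authorize_patient!`) passes when both sides are nil, so a non-admin pharmacist with no pharmacy assigned would be authorized for a patient or argument that also has none, if either value can be nil in this schema, which the page does not show. Guard it explicitly, for example `return true if current_pharmacist.admin? || (pharmacy_id.present? && pharmacy_id.to_s == current_pharmacist.pharmacy_id.to_s)`; the `to_s` also covers an id that arrives as a request-parameter string and would otherwise never equal an integer column. Both methods render the 403 and return false without halting, so each caller has to stop itself with `return unless authorize_pharmacy_id!(pharmacy_id)`, and a one-line comment stating that contract above each method would help. Old and new wording are interleaved in this view, so the comparison lines are read as far as they can be recovered.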
