Only users with verified emails are allowed to create new jobs

app/controllers/application_controller.rb

@@ -3,6 +3,7 @@ class ApplicationController < ActionController::Base
 
   before_action :set_current_request_details
   before_action :authenticate_user!
+  before_action :verified_user!
 
   verify_authorized
 
@@ -29,6 +30,15 @@ class ApplicationController < ActionController::Base
       end
     end
 
+    def verified_user!
+      if user_signed_in?
+        unless current_user.verified?
+          flash[:notice] = "Please verify your email!"
+          redirect_to profile_path
+        end
+      end
+    end
+
     def set_current_request_details
       Current.user_agent = request.user_agent
       Current.ip_address = request.ip

app/controllers/identity/email_verifications_controller.rb

@@ -1,5 +1,7 @@
 class Identity::EmailVerificationsController < ApplicationController
   skip_before_action :authenticate_user!, only: :show
+  skip_before_action :verified_user!
+  skip_verify_authorized
 
   before_action :set_user, only: :show
 

app/controllers/identity/emails_controller.rb

@@ -1,4 +1,7 @@
 class Identity::EmailsController < ApplicationController
+  skip_before_action :verified_user!
+  skip_verify_authorized
+
   before_action :set_user
 
   def edit

app/controllers/identity/password_resets_controller.rb

@@ -1,5 +1,6 @@
 class Identity::PasswordResetsController < ApplicationController
   skip_before_action :authenticate_user!
+  skip_verify_authorized
 
   before_action :set_user, only: %i[ edit update ]
 

app/controllers/jobs_controller.rb

@@ -1,5 +1,6 @@
 class JobsController < ApplicationController
   skip_before_action :authenticate_user!, only: [ :index, :cancel_button ]
+  skip_before_action :verified_user!, only: [ :index ]
   skip_verify_authorized only: [ :index, :new, :create, :cancel_button ]
 
   # GET /jobs or /jobs.json

app/controllers/passwords_controller.rb

@@ -1,5 +1,6 @@
 class PasswordsController < ApplicationController
   skip_verify_authorized only: [ :edit, :update ]
+  skip_before_action :verified_user!
   before_action :set_user
 
   def edit

app/controllers/profiles_controller.rb

@@ -1,5 +1,6 @@
 class ProfilesController < ApplicationController
   skip_verify_authorized only: [ :show, :edit, :destroy ]
+  skip_before_action :verified_user!
 
   def show
   end

app/controllers/sessions_controller.rb

@@ -1,5 +1,6 @@
 class SessionsController < ApplicationController
   skip_before_action :authenticate_user!, only: %i[ new create ]
+  skip_before_action :verified_user!
   skip_verify_authorized only: [ :index, :new, :create, :destroy ]
 
   before_action :set_session, only: :destroy

app/policies/application_policy.rb

@@ -1,12 +1,17 @@
 # Base class for application policies
 class ApplicationPolicy < ActionPolicy::Base
-  pre_check :allow_admins
+  pre_check :allow_admins, :only_verified_users
 
   # admin is good! :)
   def allow_admins
     allow! if user.admin?
   end
 
+  # no email verification no rights
+  def only_verified_users
+    deny! unless user.verified?
+  end
+
   # Configure additional authorization contexts here
   # (`user` is added by default).
   #

app/views/profiles/show.html.erb

@@ -7,6 +7,17 @@
       <% end %>
     </li>
     <li>E-Mail: <%= current_user.email %></li>
+    <% if current_user.verified? %>
+      <p>
+        E-Mail is verified
+      </p>
+    <% else %>
+      <p>
+        <div>
+          Please validate your E-mail-adress (<%= button_to 'Re-send verification email', identity_email_verification_path, form_class: "inline" %>)
+        </div>
+      </p>
+    <% end %>
   </ul>
   <h2 class="text-lg font-bold p-1 border-b-2 border-hsrm-red">Aufgegebene Druckaufträge</h2>
   <p>