Rails.application.routes.draw do devise_for :users # Unauthenticated root path (Typically the login page) devise_scope :user do root to: 'devise/sessions#new' end # Authenticated root, accessible to any logged-in user authenticated :user do root 'home#index', as: :authenticated_root end # Admin-specific resources authenticate :user, ->(u) { u.admin? } do # Restrict these paths to admins only resources :users, only: [:index, :edit, :update, :destroy] end # General resources accessible based on role, not restricted in routes but rather in controller actions resources :participants do resources :onboardings, only: [:index, :create, :update] do collection do post 'submit_onboarding' end end resources :bank_accounts, only: [:index, :new, :create, :edit, :update, :destroy] collection { get 'search' } member do post 'link_worker' post 'link_vendor' end end resources :workers do resources :onboardings, only: [:index, :create, :update] do collection do post 'submit_onboarding' end end resources :bank_accounts, only: [:index, :new, :create, :edit, :update, :destroy] collection do get 'search' post 'link_participant' post 'link_employer' end end resources :vendors do resources :onboardings, only: [:index, :create, :update] do collection do post 'submit_onboarding' end end resources :bank_accounts, only: [:index, :new, :create, :edit, :update, :destroy] collection { get 'search' } end resources :employers do resources :onboardings, only: [:index, :create, :update] do collection do post 'submit_onboarding' end end collection { get 'search' } member { post 'link_worker' } end resources :employments, only: [:edit, :update, :destroy] resources :employer_records, only: [:edit, :update, :destroy] do collection { post 'link_participant' } end resources :service_contracts resources :forms namespace :admin do get 'users/new', to: 'admin#new_user', as: 'new_user' post 'users', to: 'admin#create_user', as: 'create_user' # Add other admin routes as needed resources :users, only: [:index, :edit, :update, :destroy] end end