diff --git a/app/components/avo/fields/preview_field/index_component.html.erb b/app/components/avo/fields/preview_field/index_component.html.erb
index c5cece6693..4ce5f7530c 100644
--- a/app/components/avo/fields/preview_field/index_component.html.erb
+++ b/app/components/avo/fields/preview_field/index_component.html.erb
@@ -1,10 +1,3 @@
<%= index_field_wrapper(**field_wrapper_args, dash_if_blank: false, class: 'whitespace-no-wrap w-[1%]', flush: true, center_content: true) do %>
- <%= link_to resource_view_path,
- title: t('avo.view_item', item: @resource.name).humanize,
- data: {
- controller: "preview",
- preview_url_value: helpers.preview_resource_path(resource: @resource, turbo_frame: :preview_modal),
- } do %>
- <%= helpers.svg("heroicons/outline/magnifying-glass-circle", class: "block h-6 text-gray-600") %>
- <% end %>
+ <%= render_preview %>
<% end %>
diff --git a/app/components/avo/fields/preview_field/index_component.rb b/app/components/avo/fields/preview_field/index_component.rb
index 5381571e01..09993bdd67 100644
--- a/app/components/avo/fields/preview_field/index_component.rb
+++ b/app/components/avo/fields/preview_field/index_component.rb
@@ -1,4 +1,16 @@
# frozen_string_literal: true
class Avo::Fields::PreviewField::IndexComponent < Avo::Fields::IndexComponent
+ def render_preview
+ link_to resource_view_path, title: t("avo.view_item", item: @resource.name).humanize do
+ helpers.svg(
+ "heroicons/outline/magnifying-glass-circle",
+ class: "block h-6 text-gray-600",
+ data: {
+ controller: "preview",
+ preview_url_value: helpers.preview_resource_path(resource: @resource, turbo_frame: :preview_modal),
+ }
+ )
+ end
+ end
end
diff --git a/app/controllers/avo/base_controller.rb b/app/controllers/avo/base_controller.rb
index 916ac0b2d8..94224ee380 100644
--- a/app/controllers/avo/base_controller.rb
+++ b/app/controllers/avo/base_controller.rb
@@ -208,9 +208,13 @@ def destroy
end
def preview
- @resource.hydrate(record: @record, view: Avo::ViewInquirer.new(:show), user: _current_user, params: params)
+ @authorized = @authorization.set_record(@record || @resource.model_class).authorize_action :preview, raise_exception: false
- @preview_fields = @resource.get_preview_fields
+ if @authorized
+ @resource.hydrate(record: @record, view: Avo::ViewInquirer.new(:show), user: _current_user, params: params)
+
+ @preview_fields = @resource.get_preview_fields
+ end
render layout: params[:turbo_frame].blank?
end
diff --git a/app/views/avo/base/preview.html.erb b/app/views/avo/base/preview.html.erb
index bbf2a27743..e0d5ce928a 100644
--- a/app/views/avo/base/preview.html.erb
+++ b/app/views/avo/base/preview.html.erb
@@ -1,24 +1,37 @@
<%= turbo_frame_tag params[:turbo_frame] do %>
- <%= content_tag :div, class: "-mx-2" do %>
- <%= content_tag :div, class: "px-6 py-4" do %>
- Previewing <%= @resource.record_title %>
- <% end %>
+ <% if @authorized %>
+ <%= content_tag :div, class: "-mx-2" do %>
+ <%= content_tag :div, class: "px-6 py-4" do %>
+ Previewing <%= @resource.record_title %>
+ <% end %>
- <% if @preview_fields.present? %>
-
- <% @preview_fields.each_with_index do |field, index| %>
- <%= render field
- .hydrate(
- resource: @resource,
- record: @resource.record,
- user: @resource.user,
- view: Avo::ViewInquirer.new(:show)
- )
- .component_for_view(:show)
- .new(field: field, resource: @resource, index: index, compact: true, short: true)
- %>
- <% end %>
-
+ <% if @preview_fields.present? %>
+
+ <% @preview_fields.each_with_index do |field, index| %>
+ <%= render field
+ .hydrate(
+ resource: @resource,
+ record: @resource.record,
+ user: @resource.user,
+ view: Avo::ViewInquirer.new(:show)
+ )
+ .component_for_view(:show)
+ .new(field: field, resource: @resource, index: index, compact: true, short: true)
+ %>
+ <% end %>
+
+ <% end %>
<% end %>
+ <% else %>
+
+
+
+ <%= svg "heroicons/solid/exclamation-circle", class: "h-6" %>
+
+
+
<%= t "avo.not_authorized" %>
+
+
+