chore: Allow super admin to suspend an account (#5174)

app/controllers/concerns/ensure_current_account_helper.rb

@@ -8,6 +8,8 @@ module EnsureCurrentAccountHelper
 
   def ensure_current_account
     account = Account.find(params[:account_id])
+    ensure_account_is_active?(account)
+
     if current_user
       account_accessible_for_user?(account)
     elsif @resource.is_a?(AgentBot)
@@ -25,4 +27,8 @@ module EnsureCurrentAccountHelper
   def account_accessible_for_bot?(account)
     render_unauthorized('You are not authorized to access this account') unless @resource.agent_bot_inboxes.find_by(account_id: account.id)
   end
+
+  def ensure_account_is_active?(account)
+    render_unauthorized('Account is suspended') unless account.active?
+  end
 end

app/controllers/concerns/website_token_helper.rb

@@ -5,7 +5,9 @@ module WebsiteTokenHelper
 
   def set_web_widget
     @web_widget = ::Channel::WebWidget.find_by!(website_token: permitted_params[:website_token])
-    @current_account = @web_widget.account
+    @current_account = @web_widget.inbox.account
+
+    render json: { error: 'Account is suspended' }, status: :unauthorized unless @current_account.active?
   end
 
   def set_contact

app/controllers/widgets_controller.rb

@@ -4,6 +4,7 @@ class WidgetsController < ActionController::Base
 
   before_action :set_global_config
   before_action :set_web_widget
+  before_action :ensure_account_is_active
   before_action :set_token
   before_action :set_contact
   before_action :build_contact
@@ -46,6 +47,10 @@ class WidgetsController < ActionController::Base
     @contact = @contact_inbox.contact
   end
 
+  def ensure_account_is_active
+    render json: { error: 'Account is suspended' }, status: :unauthorized unless @web_widget.inbox.account.active?
+  end
+
   def additional_attributes
     if @web_widget.inbox.account.feature_enabled?('ip_lookup')
       { created_at_ip: request.remote_ip }