scinote-web/app/controllers/users/settings/user_teams_controller.rb

module Users
  module Settings
    class UserTeamsController < ApplicationController
      include NotificationsHelper
      include InputSanitizeHelper
      include UserRolesHelper

      before_action :load_user_assignment, only: %i(update leave_html destroy_html destroy)
      before_action :check_manage_permissions, except: %i(leave_html destroy_html destroy)
      before_action :check_destroy_permissions, only: %i(leave_html destroy_html destroy)

      def update
        respond_to do |format|
          if @user_assignment.update(update_params)
            Activities::CreateActivityService
              .call(activity_type: :change_users_role_on_team,
                    owner: current_user,
                    subject: @user_assignment.assignable,
                    team: @user_assignment.assignable,
                    message_items: {
                      team: @user_assignment.assignable.id,
                      user_changed: @user_assignment.user.id,
                      role: @user_assignment.user_role.name
                    })

            format.json do
              render json: {
                status: :ok
              }
            end
          else
            format.json do
              render json: @user_assignment.errors,
              status: :unprocessable_entity
            end
          end
        end
      end

      def leave_html
        respond_to do |format|
          format.json do
            render json: {
              html: render_to_string(
                partial: 'users/settings/user_teams/leave_user_team_modal_body.html.erb',
                locals: { user_assignment: @user_assignment }
              ),
              heading: I18n.t(
                'users.settings.user_teams.leave_uo_heading',
                team: escape_input(@user_assignment.assignable.name)
              )
            }
          end
        end
      end

      def destroy_html
        respond_to do |format|
          format.json do
            render json: {
              html: render_to_string(
                partial: 'users/settings/user_teams/' \
                         'destroy_user_team_modal_body.html.erb',
                locals: { user_assignment: @user_assignment }
              ),
              heading: I18n.t(
                'users.settings.user_teams.destroy_uo_heading',
                user: escape_input(@user_assignment.user.full_name),
                team: escape_input(@user_assignment.assignable.name)
              )
            }
          end
        end
      end

      def destroy
        # If user is last administrator of team,
        # he/she cannot be deleted from it.
        invalid =
          managing_team_user_roles_collection.include?(@user_assignment.user_role) &&
          @user_assignment
          .assignable
          .user_assignments
          .where(user_role: managing_team_user_roles_collection)
          .count <= 1

        unless invalid
          begin
            @user_assignment.transaction do
              # If user leaves on his/her own accord,
              # new owner for projects is the first
              # administrator of team
              if params[:leave]
                new_owner =
                  @user_assignment
                  .assignable
                  .user_assignments
                  .where(user_role: managing_team_user_roles_collection)
                  .where.not(id: @user_assignment.id)
                  .first
                  .user
                Activities::CreateActivityService
                  .call(activity_type: :user_leave_team,
                        owner: current_user,
                        subject: @user_assignment.assignable,
                        team: @user_assignment.assignable,
                        message_items: {
                          team: @user_assignment.assignable.id
                        })
              else
                # Otherwise, the new owner for projects is
                # the current user (= an administrator removing
                # the user from the team)
                new_owner = current_user
                Activities::CreateActivityService
                  .call(activity_type: :remove_user_from_team,
                        owner: current_user,
                        subject: @user_assignment.assignable,
                        team: @user_assignment.assignable,
                        message_items: {
                          team: @user_assignment.assignable.id,
                          user_removed: @user_assignment.user.id
                        })
              end
              reset_user_current_team(@user_assignment)

              remove_user_from_team!(@user_assignment, new_owner)
            end
          rescue StandardError => e
            Rails.logger.error e.message
            invalid = true
          end
        end

        respond_to do |format|
          if !invalid
            if params[:leave]
              flash[:notice] = I18n.t(
                'users.settings.user_teams.leave_flash',
                team: @user_assignment.assignable.name
              )
              flash.keep(:notice)
            end
            generate_notification(current_user,
                                  @user_assignment.user,
                                  @user_assignment.assignable,
                                  false)
            format.json { render json: { status: :ok } }
          else
            format.json do
              render json: @user_assignment.errors,
              status: :unprocessable_entity
            end
          end
        end
      end

      private

      def load_user_assignment
        @user_assignment = UserAssignment.find_by(id: params[:id])
      end

      def check_manage_permissions
        render_403 unless can_manage_team_users?(@user_assignment.assignable)
      end

      def check_destroy_permissions
        if params[:leave]
          render_403 unless @user_assignment.user == current_user
        else
          render_403 unless can_manage_team_users?(@user_assignment.assignable)
        end
      end

      def update_params
        params.require(:user_assignment).permit(:user_role_id)
      end

      def reset_user_current_team(user_assignment)
        ids = user_assignment.user.teams_ids
        ids -= [user_assignment.assignable.id]
        user_assignment.user.current_team_id = ids.first
        user_assignment.user.save
      end

      def remove_user_from_team!(user_assignment, new_owner)
        return user_assignment.destroy! unless new_owner

        # Also, make new owner author of all protocols that belong
        # to the departing user and belong to this team.
        p_ids = user_assignment.user.added_protocols.where(team: user_assignment.assignable).pluck(:id)
        Protocol.where(id: p_ids).find_each do |protocol|
          protocol.record_timestamps = false
          protocol.added_by = new_owner
          protocol.archived_by = new_owner unless protocol.archived_by.nil?
          protocol.restored_by = new_owner unless protocol.restored_by.nil?
          protocol.save!
        end

        # Make new owner author of all inventory items that were added
        # by departing user and belong to this team.
        RepositoryRow.change_owner(user_assignment.assignable, user_assignment.user, new_owner)

        user_assignment.destroy!
      end
    end
  end
end
Refactor teams settings into its own controllers 2017-02-09 21:33:12 +08:00			`module Users`
			`module Settings`
			`class UserTeamsController < ApplicationController`
Some minor fixes 2017-02-09 21:58:11 +08:00			`include NotificationsHelper`
			`include InputSanitizeHelper`
Update team users table with new user assignments [SCI-6842] 2022-06-01 21:06:19 +08:00			`include UserRolesHelper`
Some minor fixes 2017-02-09 21:58:11 +08:00
Update team users table with new user assignments [SCI-6842] 2022-06-01 21:06:19 +08:00			`before_action :load_user_assignment, only: %i(update leave_html destroy_html destroy)`
Update teams table with new user assignments system [SCI-7291] 2022-10-06 00:28:40 +08:00			`before_action :check_manage_permissions, except: %i(leave_html destroy_html destroy)`
			`before_action :check_destroy_permissions, only: %i(leave_html destroy_html destroy)`
Refactor teams settings into its own controllers 2017-02-09 21:33:12 +08:00
			`def update`
			`respond_to do \|format\|`
Update team users table with new user assignments [SCI-6842] 2022-06-01 21:06:19 +08:00			`if @user_assignment.update(update_params)`
Add creating activities for Team actions 2019-03-12 14:33:24 +08:00			`Activities::CreateActivityService`
			`.call(activity_type: :change_users_role_on_team,`
			`owner: current_user,`
Update team users table with new user assignments [SCI-6842] 2022-06-01 21:06:19 +08:00			`subject: @user_assignment.assignable,`
			`team: @user_assignment.assignable,`
Add creating activities for Team actions 2019-03-12 14:33:24 +08:00			`message_items: {`
Update team users table with new user assignments [SCI-6842] 2022-06-01 21:06:19 +08:00			`team: @user_assignment.assignable.id,`
			`user_changed: @user_assignment.user.id,`
			`role: @user_assignment.user_role.name`
Add creating activities for Team actions 2019-03-12 14:33:24 +08:00			`})`

Refactor teams settings into its own controllers 2017-02-09 21:33:12 +08:00			`format.json do`
			`render json: {`
Update team users table with new user assignments [SCI-6842] 2022-06-01 21:06:19 +08:00			`status: :ok`
Refactor teams settings into its own controllers 2017-02-09 21:33:12 +08:00			`}`
			`end`
			`else`
			`format.json do`
Update team users table with new user assignments [SCI-6842] 2022-06-01 21:06:19 +08:00			`render json: @user_assignment.errors,`
Refactor teams settings into its own controllers 2017-02-09 21:33:12 +08:00			`status: :unprocessable_entity`
			`end`
			`end`
			`end`
			`end`

			`def leave_html`
			`respond_to do \|format\|`
			`format.json do`
			`render json: {`
			`html: render_to_string(`
Update team users table with new user assignments [SCI-6842] 2022-06-01 21:06:19 +08:00			`partial: 'users/settings/user_teams/leave_user_team_modal_body.html.erb',`
			`locals: { user_assignment: @user_assignment }`
Refactor teams settings into its own controllers 2017-02-09 21:33:12 +08:00			`),`
			`heading: I18n.t(`
			`'users.settings.user_teams.leave_uo_heading',`
Update team users table with new user assignments [SCI-6842] 2022-06-01 21:06:19 +08:00			`team: escape_input(@user_assignment.assignable.name)`
Refactor teams settings into its own controllers 2017-02-09 21:33:12 +08:00			`)`
			`}`
			`end`
			`end`
			`end`

			`def destroy_html`
			`respond_to do \|format\|`
			`format.json do`
			`render json: {`
			`html: render_to_string(`
			`partial: 'users/settings/user_teams/' \`
			`'destroy_user_team_modal_body.html.erb',`
Update team users table with new user assignments [SCI-6842] 2022-06-01 21:06:19 +08:00			`locals: { user_assignment: @user_assignment }`
Refactor teams settings into its own controllers 2017-02-09 21:33:12 +08:00			`),`
			`heading: I18n.t(`
			`'users.settings.user_teams.destroy_uo_heading',`
Update team users table with new user assignments [SCI-6842] 2022-06-01 21:06:19 +08:00			`user: escape_input(@user_assignment.user.full_name),`
			`team: escape_input(@user_assignment.assignable.name)`
Refactor teams settings into its own controllers 2017-02-09 21:33:12 +08:00			`)`
			`}`
			`end`
			`end`
			`end`

			`def destroy`
Please Hound 2017-02-13 23:40:27 +08:00			`# If user is last administrator of team,`
			`# he/she cannot be deleted from it.`
			`invalid =`
Update team users table with new user assignments [SCI-6842] 2022-06-01 21:06:19 +08:00			`managing_team_user_roles_collection.include?(@user_assignment.user_role) &&`
			`@user_assignment`
			`.assignable`
			`.user_assignments`
			`.where(user_role: managing_team_user_roles_collection)`
Please Hound 2017-02-13 23:40:27 +08:00			`.count <= 1`
Refactor teams settings into its own controllers 2017-02-09 21:33:12 +08:00
Please Hound 2017-02-13 23:40:27 +08:00			`unless invalid`
			`begin`
Fix user adding/removing from a team [SCI-7240] 2022-09-26 18:14:03 +08:00			`@user_assignment.transaction do`
Please Hound 2017-02-13 23:40:27 +08:00			`# If user leaves on his/her own accord,`
			`# new owner for projects is the first`
			`# administrator of team`
			`if params[:leave]`
			`new_owner =`
Update team users table with new user assignments [SCI-6842] 2022-06-01 21:06:19 +08:00			`@user_assignment`
			`.assignable`
			`.user_assignments`
			`.where(user_role: managing_team_user_roles_collection)`
			`.where.not(id: @user_assignment.id)`
Please Hound 2017-02-13 23:40:27 +08:00			`.first`
			`.user`
Adding missed activities [SCI-3253] (#1614) * Adding missed activties * Adding test for activities 2019-04-02 17:50:37 +08:00			`Activities::CreateActivityService`
			`.call(activity_type: :user_leave_team,`
			`owner: current_user,`
Update team users table with new user assignments [SCI-6842] 2022-06-01 21:06:19 +08:00			`subject: @user_assignment.assignable,`
			`team: @user_assignment.assignable,`
Adding missed activities [SCI-3253] (#1614) * Adding missed activties * Adding test for activities 2019-04-02 17:50:37 +08:00			`message_items: {`
Update team users table with new user assignments [SCI-6842] 2022-06-01 21:06:19 +08:00			`team: @user_assignment.assignable.id`
Adding missed activities [SCI-3253] (#1614) * Adding missed activties * Adding test for activities 2019-04-02 17:50:37 +08:00			`})`
Please Hound 2017-02-13 23:40:27 +08:00			`else`
			`# Otherwise, the new owner for projects is`
			`# the current user (= an administrator removing`
			`# the user from the team)`
			`new_owner = current_user`
Adding missed activities [SCI-3253] (#1614) * Adding missed activties * Adding test for activities 2019-04-02 17:50:37 +08:00			`Activities::CreateActivityService`
Update team users table with new user assignments [SCI-6842] 2022-06-01 21:06:19 +08:00			`.call(activity_type: :remove_user_from_team,`
			`owner: current_user,`
			`subject: @user_assignment.assignable,`
			`team: @user_assignment.assignable,`
			`message_items: {`
			`team: @user_assignment.assignable.id,`
			`user_removed: @user_assignment.user.id`
			`})`
Adding missed activities [SCI-3253] (#1614) * Adding missed activties * Adding test for activities 2019-04-02 17:50:37 +08:00			`end`
Update team users table with new user assignments [SCI-6842] 2022-06-01 21:06:19 +08:00			`reset_user_current_team(@user_assignment)`
Add creating activities for Team actions 2019-03-12 14:33:24 +08:00
Update team users table with new user assignments [SCI-6842] 2022-06-01 21:06:19 +08:00			`remove_user_from_team!(@user_assignment, new_owner)`
Refactor teams settings into its own controllers 2017-02-09 21:33:12 +08:00			`end`
Fix user removal from a team [SCI-6323] 2021-12-06 21:24:59 +08:00			`rescue StandardError => e`
			`Rails.logger.error e.message`
Please Hound 2017-02-13 23:40:27 +08:00			`invalid = true`
Refactor teams settings into its own controllers 2017-02-09 21:33:12 +08:00			`end`
Please Hound 2017-02-13 23:40:27 +08:00			`end`
Refactor teams settings into its own controllers 2017-02-09 21:33:12 +08:00
Please Hound 2017-02-13 23:40:27 +08:00			`respond_to do \|format\|`
Refactor teams settings into its own controllers 2017-02-09 21:33:12 +08:00			`if !invalid`
			`if params[:leave]`
			`flash[:notice] = I18n.t(`
			`'users.settings.user_teams.leave_flash',`
Update team users table with new user assignments [SCI-6842] 2022-06-01 21:06:19 +08:00			`team: @user_assignment.assignable.name`
Refactor teams settings into its own controllers 2017-02-09 21:33:12 +08:00			`)`
			`flash.keep(:notice)`
			`end`
Fix notification for user removal from a team [SCI-2131] 2018-03-07 20:20:17 +08:00			`generate_notification(current_user,`
Update team users table with new user assignments [SCI-6842] 2022-06-01 21:06:19 +08:00			`@user_assignment.user,`
			`@user_assignment.assignable,`
Refactor teams settings into its own controllers 2017-02-09 21:33:12 +08:00			`false)`
			`format.json { render json: { status: :ok } }`
			`else`
			`format.json do`
Update team users table with new user assignments [SCI-6842] 2022-06-01 21:06:19 +08:00			`render json: @user_assignment.errors,`
Refactor teams settings into its own controllers 2017-02-09 21:33:12 +08:00			`status: :unprocessable_entity`
			`end`
			`end`
			`end`
			`end`

			`private`

Update team users table with new user assignments [SCI-6842] 2022-06-01 21:06:19 +08:00			`def load_user_assignment`
			`@user_assignment = UserAssignment.find_by(id: params[:id])`
Refactor teams settings into its own controllers 2017-02-09 21:33:12 +08:00			`end`

Update team users table with new user assignments [SCI-6842] 2022-06-01 21:06:19 +08:00			`def check_manage_permissions`
			`render_403 unless can_manage_team_users?(@user_assignment.assignable)`
Refactor teams settings into its own controllers 2017-02-09 21:33:12 +08:00			`end`

Update teams table with new user assignments system [SCI-7291] 2022-10-06 00:28:40 +08:00			`def check_destroy_permissions`
			`if params[:leave]`
			`render_403 unless @user_assignment.user == current_user`
			`else`
			`render_403 unless can_manage_team_users?(@user_assignment.assignable)`
			`end`
			`end`

Some minor fixes 2017-02-09 21:58:11 +08:00			`def update_params`
Update team users table with new user assignments [SCI-6842] 2022-06-01 21:06:19 +08:00			`params.require(:user_assignment).permit(:user_role_id)`
Some minor fixes 2017-02-09 21:58:11 +08:00			`end`

Update team users table with new user assignments [SCI-6842] 2022-06-01 21:06:19 +08:00			`def reset_user_current_team(user_assignment)`
			`ids = user_assignment.user.teams_ids`
			`ids -= [user_assignment.assignable.id]`
			`user_assignment.user.current_team_id = ids.first`
			`user_assignment.user.save`
			`end`

			`def remove_user_from_team!(user_assignment, new_owner)`
			`return user_assignment.destroy! unless new_owner`

			`# Also, make new owner author of all protocols that belong`
			`# to the departing user and belong to this team.`
			`p_ids = user_assignment.user.added_protocols.where(team: user_assignment.assignable).pluck(:id)`
			`Protocol.where(id: p_ids).find_each do \|protocol\|`
			`protocol.record_timestamps = false`
			`protocol.added_by = new_owner`
			`protocol.archived_by = new_owner unless protocol.archived_by.nil?`
			`protocol.restored_by = new_owner unless protocol.restored_by.nil?`
			`protocol.save!`
			`end`

			`# Make new owner author of all inventory items that were added`
			`# by departing user and belong to this team.`
			`RepositoryRow.change_owner(user_assignment.assignable, user_assignment.user, new_owner)`

			`user_assignment.destroy!`
Refactor teams settings into its own controllers 2017-02-09 21:33:12 +08:00			`end`
			`end`
			`end`
			`end`