2016-02-12 23:52:43 +08:00
|
|
|
class CustomFieldsController < ApplicationController
|
2017-01-11 22:50:11 +08:00
|
|
|
include InputSanitizeHelper
|
|
|
|
|
2017-03-15 21:09:44 +08:00
|
|
|
before_action :load_vars, except: :create
|
2016-12-09 18:58:10 +08:00
|
|
|
before_action :load_vars_nested, only: [:create, :destroy_html]
|
2018-01-03 23:37:02 +08:00
|
|
|
before_action :check_create_permissions, only: :create
|
2018-02-16 01:46:29 +08:00
|
|
|
before_action :check_manage_permissions, except: :create
|
2016-02-12 23:52:43 +08:00
|
|
|
|
|
|
|
def create
|
|
|
|
@custom_field = CustomField.new(custom_field_params)
|
2017-01-24 23:57:14 +08:00
|
|
|
@custom_field.team = @team
|
2016-02-12 23:52:43 +08:00
|
|
|
@custom_field.user = current_user
|
|
|
|
|
|
|
|
respond_to do |format|
|
|
|
|
if @custom_field.save
|
2016-11-29 22:05:18 +08:00
|
|
|
format.json do
|
2016-02-12 23:52:43 +08:00
|
|
|
render json: {
|
2016-12-02 23:18:11 +08:00
|
|
|
id: @custom_field.id,
|
2017-01-11 22:50:11 +08:00
|
|
|
name: escape_input(@custom_field.name),
|
2016-12-09 18:58:10 +08:00
|
|
|
edit_url:
|
2017-03-18 00:52:15 +08:00
|
|
|
edit_team_custom_field_path(@team, @custom_field),
|
|
|
|
update_url:
|
2017-01-24 23:57:14 +08:00
|
|
|
team_custom_field_path(@team, @custom_field),
|
2016-12-09 18:58:10 +08:00
|
|
|
destroy_html_url:
|
2017-01-24 23:57:14 +08:00
|
|
|
team_custom_field_destroy_html_path(
|
|
|
|
@team, @custom_field
|
2016-12-09 18:58:10 +08:00
|
|
|
)
|
2016-02-12 23:52:43 +08:00
|
|
|
},
|
2016-11-29 22:05:18 +08:00
|
|
|
status: :ok
|
|
|
|
end
|
2016-02-12 23:52:43 +08:00
|
|
|
else
|
2016-09-22 23:26:55 +08:00
|
|
|
format.json do
|
|
|
|
render json: @custom_field.errors.to_json,
|
|
|
|
status: :unprocessable_entity
|
|
|
|
end
|
2016-02-12 23:52:43 +08:00
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2017-03-18 00:52:15 +08:00
|
|
|
def edit
|
|
|
|
respond_to do |format|
|
|
|
|
format.json do
|
|
|
|
render json: { status: :ok }
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2016-11-29 22:05:18 +08:00
|
|
|
def update
|
|
|
|
respond_to do |format|
|
|
|
|
format.json do
|
|
|
|
@custom_field.update_attributes(custom_field_params)
|
|
|
|
if @custom_field.save
|
|
|
|
render json: { status: :ok }
|
|
|
|
else
|
|
|
|
render json: @custom_field.errors.to_json,
|
|
|
|
status: :unprocessable_entity
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2016-12-09 18:58:10 +08:00
|
|
|
def destroy_html
|
|
|
|
respond_to do |format|
|
|
|
|
format.json do
|
|
|
|
render json: {
|
|
|
|
html: render_to_string(
|
2016-12-14 22:23:00 +08:00
|
|
|
partial: 'samples/delete_custom_field_modal_body.html.erb',
|
|
|
|
locals: { column_index: params[:column_index] }
|
2016-12-09 18:58:10 +08:00
|
|
|
)
|
|
|
|
}
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
def destroy
|
2016-12-14 22:23:00 +08:00
|
|
|
@del_custom_field = @custom_field.dup
|
2016-12-09 18:58:10 +08:00
|
|
|
respond_to do |format|
|
|
|
|
format.json do
|
|
|
|
if @custom_field.destroy
|
2016-12-14 22:27:24 +08:00
|
|
|
SamplesTable.update_samples_table_state(
|
|
|
|
@del_custom_field,
|
|
|
|
params[:custom_field][:column_index]
|
|
|
|
)
|
2016-12-09 18:58:10 +08:00
|
|
|
render json: { status: :ok }
|
|
|
|
else
|
|
|
|
render json: { status: :unprocessable_entity }
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2016-02-12 23:52:43 +08:00
|
|
|
private
|
|
|
|
|
2016-11-29 22:05:18 +08:00
|
|
|
def load_vars
|
|
|
|
@custom_field = CustomField.find_by_id(params[:id])
|
2016-12-09 18:58:10 +08:00
|
|
|
@custom_field = CustomField.find_by_id(
|
|
|
|
params[:custom_field_id]
|
|
|
|
) unless @custom_field
|
2016-11-29 22:05:18 +08:00
|
|
|
render_404 unless @custom_field
|
|
|
|
end
|
|
|
|
|
2016-02-12 23:52:43 +08:00
|
|
|
def load_vars_nested
|
2017-01-25 00:06:51 +08:00
|
|
|
@team = Team.find_by_id(params[:team_id])
|
2017-01-24 23:57:14 +08:00
|
|
|
render_404 unless @team
|
2016-02-12 23:52:43 +08:00
|
|
|
end
|
|
|
|
|
2018-01-03 23:37:02 +08:00
|
|
|
def check_create_permissions
|
2018-02-16 01:46:29 +08:00
|
|
|
render_403 unless can_create_sample_columns?(@team)
|
2016-12-09 18:58:10 +08:00
|
|
|
end
|
|
|
|
|
2018-02-16 01:46:29 +08:00
|
|
|
def check_manage_permissions
|
|
|
|
render_403 unless can_manage_sample_column?(@custom_field)
|
2018-01-03 23:37:02 +08:00
|
|
|
end
|
|
|
|
|
2016-02-12 23:52:43 +08:00
|
|
|
def custom_field_params
|
|
|
|
params.require(:custom_field).permit(:name)
|
|
|
|
end
|
|
|
|
end
|