2022-04-29 18:29:42 +08:00
|
|
|
# frozen_string_literal: true
|
|
|
|
|
|
|
|
class StepOrderableElementsController < ApplicationController
|
|
|
|
before_action :load_vars_nested
|
2022-05-05 18:56:31 +08:00
|
|
|
before_action :load_vars, only: %i(destroy update)
|
2022-05-03 21:15:49 +08:00
|
|
|
before_action :check_manage_permissions, only: %i(create destroy)
|
2022-04-29 18:29:42 +08:00
|
|
|
|
|
|
|
def create
|
|
|
|
ActiveRecord::Base.transaction do
|
|
|
|
element = @step.step_orderable_elements.create!(
|
|
|
|
position: @step.step_orderable_elements.length,
|
|
|
|
orderable: create_step_element
|
|
|
|
)
|
2022-05-10 19:28:09 +08:00
|
|
|
render json: element, serializer: StepOrderableElementSerializer, user: current_user
|
2022-04-29 18:29:42 +08:00
|
|
|
rescue ActiveRecord::RecordInvalid
|
|
|
|
render json: {}, status: :unprocessable_entity
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2022-05-05 18:56:31 +08:00
|
|
|
def update
|
|
|
|
@element.update!(orderable_params)
|
2022-05-10 19:28:09 +08:00
|
|
|
render json: @element, serializer: "#{@element.class}Serializer".constantize, user: current_user
|
2022-05-05 18:56:31 +08:00
|
|
|
rescue ActiveRecord::RecordInvalid
|
|
|
|
render json: {}, status: :unprocessable_entity
|
|
|
|
end
|
|
|
|
|
2022-05-03 21:15:49 +08:00
|
|
|
def destroy
|
|
|
|
if @element.destroy
|
2022-05-10 19:28:09 +08:00
|
|
|
render json: @orderable_element, serializer: StepOrderableElementSerializer, user: current_user
|
2022-05-03 21:15:49 +08:00
|
|
|
else
|
|
|
|
render json: {}, status: :unprocessable_entity
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2022-04-29 18:29:42 +08:00
|
|
|
private
|
|
|
|
|
|
|
|
def load_vars_nested
|
|
|
|
@step = Step.find_by(id: params[:step_id])
|
|
|
|
return render_404 unless @step
|
|
|
|
|
|
|
|
@protocol = @step.protocol
|
|
|
|
end
|
|
|
|
|
|
|
|
def check_view_permissions
|
|
|
|
render_403 unless can_read_protocol_in_module?(@protocol) || can_read_protocol_in_repository?(@protocol)
|
|
|
|
end
|
|
|
|
|
|
|
|
def check_manage_permissions
|
|
|
|
render_403 unless can_manage_step?(@step)
|
|
|
|
end
|
|
|
|
end
|