2017-02-09 21:33:12 +08:00
|
|
|
module Users
|
|
|
|
module Settings
|
|
|
|
class UserTeamsController < ApplicationController
|
2017-02-09 21:58:11 +08:00
|
|
|
include NotificationsHelper
|
|
|
|
include InputSanitizeHelper
|
|
|
|
|
2017-02-09 21:33:12 +08:00
|
|
|
before_action :load_user, only: :destroy
|
|
|
|
|
|
|
|
before_action :load_user_team, only: [
|
|
|
|
:update,
|
|
|
|
:leave_html,
|
|
|
|
:destroy_html,
|
|
|
|
:destroy
|
|
|
|
]
|
|
|
|
|
|
|
|
def update
|
|
|
|
respond_to do |format|
|
2017-02-15 17:06:21 +08:00
|
|
|
if @user_t.update(update_params)
|
2017-04-12 22:56:10 +08:00
|
|
|
# If user is administrator of team,
|
|
|
|
# and he/she changes his/her role
|
|
|
|
# he/she should be redirected to teams page
|
|
|
|
new_path = teams_path if @user_t.user == @current_user &&
|
|
|
|
@user_t.role != 'admin'
|
2017-02-09 21:33:12 +08:00
|
|
|
format.json do
|
|
|
|
render json: {
|
2017-04-12 22:56:10 +08:00
|
|
|
status: :ok,
|
|
|
|
new_path: new_path
|
2017-02-09 21:33:12 +08:00
|
|
|
}
|
|
|
|
end
|
|
|
|
else
|
|
|
|
format.json do
|
2017-02-15 17:06:21 +08:00
|
|
|
render json: @user_t.errors,
|
2017-02-09 21:33:12 +08:00
|
|
|
status: :unprocessable_entity
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
def leave_html
|
|
|
|
respond_to do |format|
|
|
|
|
format.json do
|
|
|
|
render json: {
|
|
|
|
html: render_to_string(
|
|
|
|
partial:
|
2017-02-13 23:40:27 +08:00
|
|
|
'users/settings/user_teams/' \
|
|
|
|
'leave_user_team_modal_body.html.erb',
|
2017-02-15 17:06:21 +08:00
|
|
|
locals: { user_team: @user_t }
|
2017-02-09 21:33:12 +08:00
|
|
|
),
|
|
|
|
heading: I18n.t(
|
|
|
|
'users.settings.user_teams.leave_uo_heading',
|
2017-02-15 17:06:21 +08:00
|
|
|
team: escape_input(@user_t.team.name)
|
2017-02-09 21:33:12 +08:00
|
|
|
)
|
|
|
|
}
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
def destroy_html
|
|
|
|
respond_to do |format|
|
|
|
|
format.json do
|
|
|
|
render json: {
|
|
|
|
html: render_to_string(
|
|
|
|
partial: 'users/settings/user_teams/' \
|
|
|
|
'destroy_user_team_modal_body.html.erb',
|
2017-02-15 17:06:21 +08:00
|
|
|
locals: { user_team: @user_t }
|
2017-02-09 21:33:12 +08:00
|
|
|
),
|
|
|
|
heading: I18n.t(
|
|
|
|
'users.settings.user_teams.destroy_uo_heading',
|
2017-02-15 17:06:21 +08:00
|
|
|
user: escape_input(@user_t.user.full_name),
|
|
|
|
team: escape_input(@user_t.team.name)
|
2017-02-09 21:33:12 +08:00
|
|
|
)
|
|
|
|
}
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
def destroy
|
2017-02-13 23:40:27 +08:00
|
|
|
# If user is last administrator of team,
|
|
|
|
# he/she cannot be deleted from it.
|
|
|
|
invalid =
|
2017-02-15 17:06:21 +08:00
|
|
|
@user_t.admin? &&
|
|
|
|
@user_t
|
2017-02-13 23:40:27 +08:00
|
|
|
.team
|
|
|
|
.user_teams
|
|
|
|
.where(role: 2)
|
|
|
|
.count <= 1
|
2017-02-09 21:33:12 +08:00
|
|
|
|
2017-02-13 23:40:27 +08:00
|
|
|
unless invalid
|
|
|
|
begin
|
|
|
|
UserTeam.transaction do
|
|
|
|
# If user leaves on his/her own accord,
|
|
|
|
# new owner for projects is the first
|
|
|
|
# administrator of team
|
|
|
|
if params[:leave]
|
|
|
|
new_owner =
|
2017-02-15 17:06:21 +08:00
|
|
|
@user_t
|
2017-02-13 23:40:27 +08:00
|
|
|
.team
|
|
|
|
.user_teams
|
|
|
|
.where(role: 2)
|
2017-02-15 17:06:21 +08:00
|
|
|
.where.not(id: @user_t.id)
|
2017-02-13 23:40:27 +08:00
|
|
|
.first
|
|
|
|
.user
|
|
|
|
else
|
|
|
|
# Otherwise, the new owner for projects is
|
|
|
|
# the current user (= an administrator removing
|
|
|
|
# the user from the team)
|
|
|
|
new_owner = current_user
|
2017-02-09 21:33:12 +08:00
|
|
|
end
|
2017-02-15 17:06:21 +08:00
|
|
|
reset_user_current_team(@user_t)
|
|
|
|
@user_t.destroy(new_owner)
|
2017-02-09 21:33:12 +08:00
|
|
|
end
|
2017-02-13 23:40:27 +08:00
|
|
|
rescue Exception
|
|
|
|
invalid = true
|
2017-02-09 21:33:12 +08:00
|
|
|
end
|
2017-02-13 23:40:27 +08:00
|
|
|
end
|
2017-02-09 21:33:12 +08:00
|
|
|
|
2017-02-13 23:40:27 +08:00
|
|
|
respond_to do |format|
|
2017-02-09 21:33:12 +08:00
|
|
|
if !invalid
|
|
|
|
if params[:leave]
|
|
|
|
flash[:notice] = I18n.t(
|
|
|
|
'users.settings.user_teams.leave_flash',
|
2017-02-15 17:06:21 +08:00
|
|
|
team: @user_t.team.name
|
2017-02-09 21:33:12 +08:00
|
|
|
)
|
|
|
|
flash.keep(:notice)
|
|
|
|
end
|
2018-03-07 20:20:17 +08:00
|
|
|
generate_notification(current_user,
|
2017-02-15 17:06:21 +08:00
|
|
|
@user_t.user,
|
|
|
|
@user_t.team,
|
2017-02-09 21:33:12 +08:00
|
|
|
false,
|
|
|
|
false)
|
|
|
|
format.json { render json: { status: :ok } }
|
|
|
|
else
|
|
|
|
format.json do
|
2017-02-15 17:06:21 +08:00
|
|
|
render json: @user_t.errors,
|
2017-02-09 21:33:12 +08:00
|
|
|
status: :unprocessable_entity
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
private
|
|
|
|
|
|
|
|
def load_user
|
|
|
|
@user = current_user
|
|
|
|
end
|
|
|
|
|
|
|
|
def load_user_team
|
2017-02-15 17:06:21 +08:00
|
|
|
@user_t = UserTeam.find_by_id(params[:id])
|
|
|
|
@team = @user_t.team
|
2017-02-09 21:33:12 +08:00
|
|
|
# Don't allow the user to modify UserTeam-s if he's not admin,
|
|
|
|
# unless he/she is modifying his/her UserTeam
|
2017-02-15 17:06:21 +08:00
|
|
|
if current_user != @user_t.user &&
|
2018-01-24 20:21:53 +08:00
|
|
|
!can_manage_team_users?(@user_t.team)
|
2017-02-09 21:33:12 +08:00
|
|
|
render_403
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2017-02-09 21:58:11 +08:00
|
|
|
def update_params
|
|
|
|
params.require(:user_team).permit(
|
|
|
|
:role
|
|
|
|
)
|
|
|
|
end
|
|
|
|
|
2017-02-09 21:33:12 +08:00
|
|
|
def reset_user_current_team(user_team)
|
|
|
|
ids = user_team.user.teams_ids
|
|
|
|
ids -= [user_team.team.id]
|
|
|
|
user_team.user.current_team_id = ids.first
|
|
|
|
user_team.user.save
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|