scinote-web/app/controllers/my_module_comments_controller.rb

187 lines
5 KiB
Ruby
Raw Normal View History

2016-02-12 23:52:43 +08:00
class MyModuleCommentsController < ApplicationController
before_action :load_vars
before_action :check_view_permissions, only: :index
2016-11-19 23:54:55 +08:00
before_action :check_add_permissions, only: [:create]
before_action :check_edit_permissions, only: [:edit, :update]
before_action :check_destroy_permissions, only: [:destroy]
2016-02-12 23:52:43 +08:00
def index
@comments = @my_module.last_comments(@last_comment_id, @per_page)
respond_to do |format|
format.json do
2016-02-12 23:52:43 +08:00
# 'index' partial includes header and form for adding new
# messages. 'list' partial is used for showing more
# comments.
partial = 'index.html.erb'
partial = 'list.html.erb' if @last_comment_id > 0
more_url = ''
2016-02-12 23:52:43 +08:00
if @comments.count > 0
more_url = url_for(my_module_my_module_comments_url(@my_module,
format: :json,
from: @comments
.first.id))
2016-02-12 23:52:43 +08:00
end
render json: {
2016-09-27 23:31:37 +08:00
perPage: @per_page,
resultsNumber: @comments.length,
moreUrl: more_url,
html: render_to_string(
2016-02-12 23:52:43 +08:00
partial: partial,
locals: {
comments: @comments,
more_comments_url: more_url
}
)
2016-02-12 23:52:43 +08:00
}
end
2016-02-12 23:52:43 +08:00
end
end
def create
@comment = Comment.new(
message: comment_params[:message],
user: current_user)
respond_to do |format|
if (@comment.valid? && @my_module.comments << @comment)
# Generate activity
Activity.create(
type_of: :add_comment_to_module,
user: current_user,
project: @my_module.experiment.project,
my_module: @my_module,
message: t(
'activities.add_comment_to_module',
user: current_user.full_name,
module: @my_module.name
)
)
format.json do
2016-02-12 23:52:43 +08:00
render json: {
2016-10-21 15:37:24 +08:00
html: render_to_string(
partial: 'comment.html.erb',
2016-02-12 23:52:43 +08:00
locals: {
comment: @comment
}
2016-10-21 15:37:24 +08:00
),
date: @comment.created_at.strftime('%d.%m.%Y')
2016-02-12 23:52:43 +08:00
},
status: :created
end
2016-02-12 23:52:43 +08:00
else
response.status = 400
format.json do
2016-02-12 23:52:43 +08:00
render json: {
errors: @comment.errors.to_hash(true)
}
end
2016-02-12 23:52:43 +08:00
end
end
end
def edit
2016-08-25 15:39:14 +08:00
@update_url =
my_module_my_module_comment_path(@my_module, @comment, format: :json)
respond_to do |format|
format.json do
render json: {
html: render_to_string(
partial: '/comments/edit.html.erb'
)
}
end
end
end
def update
@comment.message = comment_params[:message]
respond_to do |format|
format.json do
if @comment.save
# Generate activity
Activity.create(
type_of: :edit_module_comment,
user: current_user,
project: @my_module.experiment.project,
my_module: @my_module,
message: t(
'activities.edit_module_comment',
user: current_user.full_name,
module: @my_module.name
)
)
render json: {}, status: :ok
else
render json: { errors: @comment.errors.to_hash(true) },
status: :unprocessable_entity
end
end
end
end
def destroy
respond_to do |format|
format.json do
if @comment.destroy
# Generate activity
Activity.create(
type_of: :delete_module_comment,
user: current_user,
project: @my_module.experiment.project,
my_module: @my_module,
message: t(
'activities.delete_module_comment',
user: current_user.full_name,
module: @my_module.name
)
)
render json: {}, status: :ok
else
render json: { message: I18n.t('comments.delete_error') },
status: :unprocessable_entity
end
end
end
end
2016-02-12 23:52:43 +08:00
private
def load_vars
@last_comment_id = params[:from].to_i
@per_page = Constants::COMMENTS_SEARCH_LIMIT
2016-02-12 23:52:43 +08:00
@my_module = MyModule.find_by_id(params[:my_module_id])
unless @my_module
render_404
end
end
def check_view_permissions
unless can_view_module_comments(@my_module)
render_403
end
end
def check_add_permissions
unless can_add_comment_to_module(@my_module)
render_403
end
end
def check_edit_permissions
@comment = Comment.find_by_id(params[:id])
render_403 unless @comment.present? && can_edit_module_comment(@comment)
end
def check_destroy_permissions
@comment = Comment.find_by_id(params[:id])
render_403 unless @comment.present? && can_delete_module_comment(@comment)
end
2016-02-12 23:52:43 +08:00
def comment_params
params.require(:comment).permit(:message)
end
end