scinote-web/app/controllers/step_comments_controller.rb

class StepCommentsController < ApplicationController
  include ActionView::Helpers::TextHelper
  include InputSanitizeHelper
  include ApplicationHelper
  include Rails.application.routes.url_helpers

  before_action :load_vars

  before_action :check_view_permissions, only: [:index]
  before_action :check_add_permissions, only: [:create]
  before_action :check_manage_permissions, only: %i(edit update destroy)

  def index
    @comments = @step.last_comments(@last_comment_id, @per_page)

    respond_to do |format|
      format.json do
        # 'index' partial includes header and form for adding new
        # messages. 'list' partial is used for showing more
        # comments.
        partial = 'index.html.erb'
        partial = 'steps/comments/list.html.erb' if @last_comment_id.positive?
        more_url = ''
        if @comments.size.positive?
          more_url = url_for(step_step_comments_path(@step,
                                                     format: :json,
                                                     from: @comments.first.id))
        end
        render json: {
          perPage: @per_page,
          resultsNumber: @comments.size,
          moreUrl: more_url,
          html: render_to_string(
            partial: partial,
            locals: { step: @step, comments: @comments, per_page: @per_page }
          )
        }
      end
    end
  end

  def create
    @comment = StepComment.new(
      message: comment_params[:message],
      user: current_user,
      step: @step
    )

    respond_to do |format|
      if @comment.save

        step_comment_annotation_notification
        # Generate activity (this can only occur in module,
        # but nonetheless check if my module is not nil)
        log_activity(:add_comment_to_step)

        format.json {
          render json: {
            html: render_to_string(
              partial: 'steps/comments/item.html.erb',
              locals: {
                comment: @comment
              }
            ),
            date: I18n.l(@comment.created_at, format: :full_date)
          },
          status: :created
        }
      else
        response.status = 400
        format.json {
          render json: {
            errors: @comment.errors.to_hash(true)
          }
        }
      end
    end
  end

  def edit
    @update_url = step_step_comment_path(@step, @comment, format: :json)
    respond_to do |format|
      format.json do
        render json: {
          html: render_to_string(
            partial: '/comments/edit.html.erb'
          )
        }
      end
    end
  end

  def update
    old_text = @comment.message
    @comment.message = comment_params[:message]
    respond_to do |format|
      format.json do
        if @comment.save

          step_comment_annotation_notification(old_text)
          # Generate activity
          log_activity(:edit_step_comment)

          message = custom_auto_link(@comment.message, simple_format: false,
              tags: %w(img), team: current_team)
          render json: { comment: message }, status: :ok
        else
          render json: { errors: @comment.errors.to_hash(true) },
                 status: :unprocessable_entity
        end
      end
    end
  end

  def destroy
    respond_to do |format|
      format.json do
        if @comment.destroy
          log_activity(:delete_step_comment)
          render json: {}, status: :ok
        else
          render json: { message: I18n.t('comments.delete_error') },
                 status: :unprocessable_entity
        end
      end
    end
  end

  private

  def load_vars
    @last_comment_id = params[:from].to_i
    @per_page = Constants::COMMENTS_SEARCH_LIMIT
    @step = Step.find_by_id(params[:step_id])
    @protocol = @step.protocol

    unless @step
      render_404
    end
  end

  def check_view_permissions
    render_403 unless can_read_protocol_in_module?(@protocol)
  end

  def check_add_permissions
    render_403 unless can_create_comments_in_module?(@protocol.my_module)
  end

  def check_manage_permissions
    @comment = StepComment.find_by_id(params[:id])
    render_403 unless @comment.present? &&
                      can_manage_comment_in_module?(@comment.becomes(Comment))
  end

  def comment_params
    params.require(:comment).permit(:message)
  end

  def step_comment_annotation_notification(old_text = nil)
    smart_annotation_notification(
      old_text: (old_text if old_text),
      new_text: comment_params[:message],
      title: t('notifications.step_comment_annotation_title',
               step: @step.name,
               user: current_user.full_name),
      message: t('notifications.step_annotation_message_html',
                 project: link_to(@step.my_module.experiment.project.name,
                                  project_url(@step.my_module
                                                   .experiment
                                                   .project)),
                 experiment: link_to(@step.my_module.experiment.name,
                                     canvas_experiment_url(@step.my_module
                                                                .experiment)),
                 my_module: link_to(@step.my_module.name,
                                    protocols_my_module_url(
                                      @step.my_module
                                    )),
                 step: link_to(@step.name,
                               protocols_my_module_url(@step.my_module)))
    )
  end

  def log_activity(type_of)
    Activities::CreateActivityService
      .call(activity_type: type_of,
            owner: current_user,
            subject: @protocol,
            team: current_team,
            project: @step.my_module.experiment.project,
            message_items: {
              my_module: @step.my_module.id,
              step: @step.id,
              step_position: { id: @step.id, value_for: 'position_plus_one' }
            })
  end
end
Initial commit. 2016-02-12 23:52:43 +08:00			`class StepCommentsController < ApplicationController`
Fix 2 bugs with comments editing Closes SCI-820. 2016-12-24 03:41:23 +08:00			`include ActionView::Helpers::TextHelper`
Fix includes [SCI-102] 2017-01-13 00:02:01 +08:00			`include InputSanitizeHelper`
adds user preview to user smart annotation [fixes SCI-832] 2017-01-13 18:34:10 +08:00			`include ApplicationHelper`
first run 2017-04-04 15:19:43 +08:00			`include Rails.application.routes.url_helpers`
Fix 2 bugs with comments editing Closes SCI-820. 2016-12-24 03:41:23 +08:00
Initial commit. 2016-02-12 23:52:43 +08:00			`before_action :load_vars`

styled step comments 2016-09-20 20:13:40 +08:00			`before_action :check_view_permissions, only: [:index]`
Finish removing new comment forms 2016-11-19 23:54:55 +08:00			`before_action :check_add_permissions, only: [:create]`
Refactored remaining experiment level permissions (and everything below it). 2018-02-09 23:14:40 +08:00			`before_action :check_manage_permissions, only: %i(edit update destroy)`
Initial commit. 2016-02-12 23:52:43 +08:00
			`def index`
			`@comments = @step.last_comments(@last_comment_id, @per_page)`

			`respond_to do \|format\|`
styled step comments 2016-09-20 20:13:40 +08:00			`format.json do`
Initial commit. 2016-02-12 23:52:43 +08:00			`# 'index' partial includes header and form for adding new`
			`# messages. 'list' partial is used for showing more`
			`# comments.`
styled step comments 2016-09-20 20:13:40 +08:00			`partial = 'index.html.erb'`
Changes to comments section in Task Steps 2019-04-20 16:59:59 +08:00			`partial = 'steps/comments/list.html.erb' if @last_comment_id.positive?`
styled step comments 2016-09-20 20:13:40 +08:00			`more_url = ''`
Refactor result and step comments initialization [SCI-2830] 2018-11-13 23:57:42 +08:00			`if @comments.size.positive?`
Initial commit. 2016-02-12 23:52:43 +08:00			`more_url = url_for(step_step_comments_path(@step,`
			`format: :json,`
fixed step comment sorting 2016-09-20 19:31:50 +08:00			`from: @comments.first.id))`
Initial commit. 2016-02-12 23:52:43 +08:00			`end`
styled step comments 2016-09-20 20:13:40 +08:00			`render json: {`
fixing hound 2016-09-27 23:31:37 +08:00			`perPage: @per_page,`
Refactor result and step comments initialization [SCI-2830] 2018-11-13 23:57:42 +08:00			`resultsNumber: @comments.size,`
fixing hound 2016-09-27 23:31:37 +08:00			`moreUrl: more_url,`
Refactor result and step comments initialization [SCI-2830] 2018-11-13 23:57:42 +08:00			`html: render_to_string(`
			`partial: partial,`
			`locals: { step: @step, comments: @comments, per_page: @per_page }`
			`)`
Initial commit. 2016-02-12 23:52:43 +08:00			`}`
styled step comments 2016-09-20 20:13:40 +08:00			`end`
Initial commit. 2016-02-12 23:52:43 +08:00			`end`
			`end`

			`def create`
Refactoring of the comments using STI [SCI-1090] 2017-03-08 20:18:20 +08:00			`@comment = StepComment.new(`
Initial commit. 2016-02-12 23:52:43 +08:00			`message: comment_params[:message],`
Refactoring of the comments using STI [SCI-1090] 2017-03-08 20:18:20 +08:00			`user: current_user,`
			`step: @step`
			`)`
Initial commit. 2016-02-12 23:52:43 +08:00
			`respond_to do \|format\|`
Remove unneeded validation calls [SCI-1090] 2017-03-10 00:20:27 +08:00			`if @comment.save`
completed step annotations 2017-04-06 14:42:16 +08:00
			`step_comment_annotation_notification`
Migration GitLab -> GitHub 2016-07-21 19:11:15 +08:00			`# Generate activity (this can only occur in module,`
			`# but nonetheless check if my module is not nil)`
Protocol activities refactoring, without tests 2019-03-19 23:12:07 +08:00			`log_activity(:add_comment_to_step)`
Initial commit. 2016-02-12 23:52:43 +08:00
			`format.json {`
			`render json: {`
Fix hound warnings [SCI-557] 2016-10-21 15:37:24 +08:00			`html: render_to_string(`
Changes to comments section in Task Steps 2019-04-20 16:59:59 +08:00			`partial: 'steps/comments/item.html.erb',`
Initial commit. 2016-02-12 23:52:43 +08:00			`locals: {`
			`comment: @comment`
			`}`
Fix hound warnings [SCI-557] 2016-10-21 15:37:24 +08:00			`),`
Add time format selection to settings [SCI-2778] 2018-11-09 22:58:08 +08:00			`date: I18n.l(@comment.created_at, format: :full_date)`
Initial commit. 2016-02-12 23:52:43 +08:00			`},`
			`status: :created`
			`}`
			`else`
			`response.status = 400`
			`format.json {`
			`render json: {`
			`errors: @comment.errors.to_hash(true)`
			`}`
			`}`
			`end`
			`end`
			`end`

Add edit&delete functionality to step comments This commit also: * fixes a bug in permission_helper.rb, * fixes comments.js a bit, * adds 2 more re-renders of dropdown position calculations to canvas.js and projects/index.js. 2016-08-25 16:26:40 +08:00			`def edit`
			`@update_url = step_step_comment_path(@step, @comment, format: :json)`
			`respond_to do \|format\|`
			`format.json do`
			`render json: {`
			`html: render_to_string(`
			`partial: '/comments/edit.html.erb'`
			`)`
			`}`
			`end`
			`end`
			`end`

			`def update`
completed step annotations 2017-04-06 14:42:16 +08:00			`old_text = @comment.message`
Add edit&delete functionality to step comments This commit also: * fixes a bug in permission_helper.rb, * fixes comments.js a bit, * adds 2 more re-renders of dropdown position calculations to canvas.js and projects/index.js. 2016-08-25 16:26:40 +08:00			`@comment.message = comment_params[:message]`
			`respond_to do \|format\|`
			`format.json do`
			`if @comment.save`
completed step annotations 2017-04-06 14:42:16 +08:00
			`step_comment_annotation_notification(old_text)`
Generate activities when editing/deleting comments 2016-08-25 19:33:42 +08:00			`# Generate activity`
Protocol activities refactoring, without tests 2019-03-19 23:12:07 +08:00			`log_activity(:edit_step_comment)`

Add smart annotation to comments [SCI-3458] (#1768) * Add smart annotation to comments 2019-05-15 20:59:15 +08:00			`message = custom_auto_link(@comment.message, simple_format: false,`
			`tags: %w(img), team: current_team)`
adds user preview to user smart annotation [fixes SCI-832] 2017-01-13 18:34:10 +08:00			`render json: { comment: message }, status: :ok`
Add edit&delete functionality to step comments This commit also: * fixes a bug in permission_helper.rb, * fixes comments.js a bit, * adds 2 more re-renders of dropdown position calculations to canvas.js and projects/index.js. 2016-08-25 16:26:40 +08:00			`else`
			`render json: { errors: @comment.errors.to_hash(true) },`
			`status: :unprocessable_entity`
			`end`
			`end`
			`end`
			`end`

			`def destroy`
			`respond_to do \|format\|`
			`format.json do`
			`if @comment.destroy`
Protocol activities refactoring, without tests 2019-03-19 23:12:07 +08:00			`log_activity(:delete_step_comment)`
Add edit&delete functionality to step comments This commit also: * fixes a bug in permission_helper.rb, * fixes comments.js a bit, * adds 2 more re-renders of dropdown position calculations to canvas.js and projects/index.js. 2016-08-25 16:26:40 +08:00			`render json: {}, status: :ok`
			`else`
			`render json: { message: I18n.t('comments.delete_error') },`
			`status: :unprocessable_entity`
			`end`
			`end`
			`end`
			`end`

Initial commit. 2016-02-12 23:52:43 +08:00			`private`

			`def load_vars`
			`@last_comment_id = params[:from].to_i`
Ruby constants are now automatically available in JS. Refactoring was needed. 2016-10-05 23:45:20 +08:00			`@per_page = Constants::COMMENTS_SEARCH_LIMIT`
Initial commit. 2016-02-12 23:52:43 +08:00			`@step = Step.find_by_id(params[:step_id])`
Migration GitLab -> GitHub 2016-07-21 19:11:15 +08:00			`@protocol = @step.protocol`
Initial commit. 2016-02-12 23:52:43 +08:00
			`unless @step`
			`render_404`
			`end`
			`end`

			`def check_view_permissions`
Grouped remaining permissions for experiment, protocol, task, and partially step levels. [SCI-1964] 2018-02-02 01:41:28 +08:00			`render_403 unless can_read_protocol_in_module?(@protocol)`
Initial commit. 2016-02-12 23:52:43 +08:00			`end`

			`def check_add_permissions`
Overall refactoring of all canaid permissions and code related to their calls. 2018-02-16 01:46:29 +08:00			`render_403 unless can_create_comments_in_module?(@protocol.my_module)`
Add edit&delete functionality to step comments This commit also: * fixes a bug in permission_helper.rb, * fixes comments.js a bit, * adds 2 more re-renders of dropdown position calculations to canvas.js and projects/index.js. 2016-08-25 16:26:40 +08:00			`end`

Refactored remaining experiment level permissions (and everything below it). 2018-02-09 23:14:40 +08:00			`def check_manage_permissions`
Refactoring of the comments using STI [SCI-1090] 2017-03-08 20:18:20 +08:00			`@comment = StepComment.find_by_id(params[:id])`
Add edit&delete functionality to step comments This commit also: * fixes a bug in permission_helper.rb, * fixes comments.js a bit, * adds 2 more re-renders of dropdown position calculations to canvas.js and projects/index.js. 2016-08-25 16:26:40 +08:00			`render_403 unless @comment.present? &&`
Fixed comments permissions for experiment level. 2018-02-13 21:59:30 +08:00			`can_manage_comment_in_module?(@comment.becomes(Comment))`
Add edit&delete functionality to step comments This commit also: * fixes a bug in permission_helper.rb, * fixes comments.js a bit, * adds 2 more re-renders of dropdown position calculations to canvas.js and projects/index.js. 2016-08-25 16:26:40 +08:00			`end`

Initial commit. 2016-02-12 23:52:43 +08:00			`def comment_params`
			`params.require(:comment).permit(:message)`
			`end`
completed step annotations 2017-04-06 14:42:16 +08:00
			`def step_comment_annotation_notification(old_text = nil)`
			`smart_annotation_notification(`
			`old_text: (old_text if old_text),`
			`new_text: comment_params[:message],`
add notification for my_module/project comments 2017-04-06 20:07:22 +08:00			`title: t('notifications.step_comment_annotation_title',`
completed step annotations 2017-04-06 14:42:16 +08:00			`step: @step.name,`
			`user: current_user.full_name),`
			`message: t('notifications.step_annotation_message_html',`
			`project: link_to(@step.my_module.experiment.project.name,`
			`project_url(@step.my_module`
			`.experiment`
			`.project)),`
add experiment level to user smart annotation notification 2017-04-20 19:05:49 +08:00			`experiment: link_to(@step.my_module.experiment.name,`
			`canvas_experiment_url(@step.my_module`
			`.experiment)),`
completed step annotations 2017-04-06 14:42:16 +08:00			`my_module: link_to(@step.my_module.name,`
			`protocols_my_module_url(`
			`@step.my_module`
			`)),`
			`step: link_to(@step.name,`
			`protocols_my_module_url(@step.my_module)))`
			`)`
			`end`
Protocol activities refactoring, without tests 2019-03-19 23:12:07 +08:00
			`def log_activity(type_of)`
			`Activities::CreateActivityService`
			`.call(activity_type: type_of,`
			`owner: current_user,`
			`subject: @protocol,`
			`team: current_team,`
			`project: @step.my_module.experiment.project,`
			`message_items: {`
Change activities for task protocols 2019-03-29 22:09:20 +08:00			`my_module: @step.my_module.id,`
Protocol activities refactoring, without tests 2019-03-19 23:12:07 +08:00			`step: @step.id,`
Refactor step activities using position_plus_one Closes SCI-3273 2019-04-03 19:10:45 +08:00			`step_position: { id: @step.id, value_for: 'position_plus_one' }`
Protocol activities refactoring, without tests 2019-03-19 23:12:07 +08:00			`})`
			`end`
Initial commit. 2016-02-12 23:52:43 +08:00			`end`