scinote-web/app/controllers/marvin_js_assets_controller.rb

104 lines
3 KiB
Ruby
Raw Normal View History

2019-04-27 04:59:38 +08:00
# frozen_string_literal: true
class MarvinJsAssetsController < ApplicationController
include MarvinJsActions
include ActiveStorage::SetCurrent
2019-07-19 20:10:38 +08:00
before_action :load_vars, except: :create
before_action :load_create_vars, only: :create
2019-07-16 19:40:54 +08:00
before_action :check_read_permission
before_action :check_manage_permission, only: %i(update create start_editing)
2019-07-16 19:40:54 +08:00
2019-04-27 04:59:38 +08:00
def create
2019-07-19 20:10:38 +08:00
result = MarvinJsService.create_sketch(marvin_params, current_user, current_team)
create_create_marvinjs_activity(result[:asset], current_user)
if result[:asset]
if marvin_params[:object_type] == 'Step' || marvin_params[:object_type] == 'Result'
render json: {
html: render_to_string(partial: 'assets/asset', locals: {
asset: result[:asset],
gallery_view_id: marvin_params[:object_id]
})
}
else
render json: result[:asset]
end
2019-05-02 22:12:25 +08:00
else
render json: result[:asset]&.errors, status: :unprocessable_entity
2019-04-28 01:08:40 +08:00
end
2019-04-27 04:59:38 +08:00
end
2019-04-28 01:08:40 +08:00
def update
2019-07-19 20:10:38 +08:00
asset = MarvinJsService.update_sketch(marvin_params, current_user, current_team)
create_edit_marvinjs_activity(asset, current_user, :finish_editing)
if asset
2019-09-18 17:18:44 +08:00
render json: { url: rails_representation_url(asset.medium_preview),
id: asset.id,
file_name: asset.blob.metadata['name'] }
2019-05-02 22:12:25 +08:00
else
render json: { error: t('marvinjs.no_sketches_found') }, status: :unprocessable_entity
end
2019-04-28 01:08:40 +08:00
end
def start_editing
create_edit_marvinjs_activity(@asset, current_user, :start_editing)
end
2019-04-27 04:59:38 +08:00
private
2019-07-16 19:40:54 +08:00
def load_vars
2020-09-25 21:06:09 +08:00
@asset = current_team.assets.find_by(id: params[:id])
2019-07-19 20:10:38 +08:00
return render_404 unless @asset
@assoc ||= @asset.step
@assoc ||= @asset.result
2019-07-16 19:40:54 +08:00
2019-07-19 20:10:38 +08:00
if @assoc.class == Step
@protocol = @assoc.protocol
elsif @assoc.class == Result
@my_module = @assoc.my_module
2019-07-16 19:40:54 +08:00
end
2019-07-19 20:10:38 +08:00
end
def load_create_vars
2020-09-25 21:06:09 +08:00
@assoc = Step.find_by(id: marvin_params[:object_id]) if marvin_params[:object_type] == 'Step'
@assoc = Result.find_by(id: params[:object_id]) if marvin_params[:object_type] == 'Result'
2019-07-16 19:40:54 +08:00
if @assoc.class == Step
@protocol = @assoc.protocol
elsif @assoc.class == Result
@my_module = @assoc.my_module
2019-07-16 19:40:54 +08:00
end
end
def check_read_permission
if @assoc.class == Step
2019-07-19 20:10:38 +08:00
return render_403 unless can_read_protocol_in_module?(@protocol) ||
can_read_protocol_in_repository?(@protocol)
elsif @assoc.class == Result
2019-07-19 20:10:38 +08:00
return render_403 unless can_read_experiment?(@my_module.experiment)
else
render_403
2019-07-16 19:40:54 +08:00
end
end
def check_manage_permission
if @assoc.class == Step
return render_403 unless can_manage_step?(@assoc)
elsif @assoc.class == Result
return render_403 unless can_manage_my_module?(@assoc.my_module)
2019-07-19 20:10:38 +08:00
else
render_403
2019-07-16 19:40:54 +08:00
end
end
2019-04-27 04:59:38 +08:00
def marvin_params
2019-04-29 01:11:41 +08:00
params.permit(:id, :description, :object_id, :object_type, :name, :image)
2019-04-27 04:59:38 +08:00
end
end