scinote-web/app/controllers/users/settings_controller.rb

class Users::SettingsController < ApplicationController
  include UsersGenerator
  include NotificationsHelper
  include InputSanitizeHelper

  before_action :load_user, only: [
    :teams,
    :team,
    :create_team,
    :teams_datatable,
    :team_users_datatable,
    :user_current_team,
    :destroy_user_team
  ]

  before_action :check_team_permission, only: [
    :team,
    :update_team,
    :destroy_team,
    :team_name,
    :team_description,
    :team_users_datatable
  ]

  before_action :check_user_team_permission, only: [
    :update_user_team,
    :leave_user_team_html,
    :destroy_user_team_html,
    :destroy_user_team
  ]

  def teams
    @user_teams =
      @user
      .user_teams
      .includes(team: :users)
      .order(created_at: :asc)
    @member_of = @user_teams.count
  end

  def team
    @user_team = UserTeam.find_by(user: @user, team: @team)
  end

  def update_team
    respond_to do |format|
      if @team.update(update_team_params)
        @team.update(last_modified_by: current_user)
        format.json {
          render json: {
            status: :ok,
            description_label: render_to_string(
              partial: "users/settings/teams/description_label.html.erb",
              locals: { team: @team }
            )
          }
        }
      else
        format.json {
          render json: @team.errors,
          status: :unprocessable_entity
        }
      end
    end
  end

  def team_name
    respond_to do |format|
      format.json {
        render json: {
          html: render_to_string({
            partial: "users/settings/teams/name_modal_body.html.erb",
            locals: { team: @team }
          })
        }
      }
    end
  end

  def team_description
    respond_to do |format|
      format.json {
        render json: {
          html: render_to_string({
            partial: "users/settings/teams/description_modal_body.html.erb",
            locals: { team: @team }
          })
        }
      }
    end
  end

  def teams_datatable
    respond_to do |format|
      format.json do
        render json: ::TeamsDatatable.new(view_context, @user)
      end
    end
  end

  def team_users_datatable
    respond_to do |format|
      format.json {
        render json: ::TeamUsersDatatable.new(view_context, @team, @user)
      }
    end
  end

  def new_team
    @new_team = Team.new
  end

  def create_team
    @new_team = Team.new(create_team_params)
    @new_team.created_by = @user

    if @new_team.save
      # Okay, team is created, now
      # add the current user as admin
      UserTeam.create(
        user: @user,
        team: @new_team,
        role: 2
      )

      # Redirect to new team page
      redirect_to action: :team, team_id: @new_team.id
    else
      render :new_team
    end
  end

  def destroy_team
    @team.destroy

    flash[:notice] = I18n.t(
      "users.settings.teams.edit.modal_destroy_team.flash_success",
      team: @team.name
    )

    # Redirect back to all teams page
    redirect_to action: :teams
  end

  def update_user_team
    respond_to do |format|
      if @user_team.update(update_user_team_params)
        format.json {
          render json: {
            status: :ok
          }
        }
      else
        format.json {
          render json: @user_team.errors,
          status: :unprocessable_entity
        }
      end
    end
  end

  def leave_user_team_html
    respond_to do |format|
      format.json do
        render json: {
          html: render_to_string(
            partial: 'users/settings/teams/leave_user_team_modal_body.html.erb',
            locals: { user_team: @user_team }
          ),
          heading: I18n.t(
            'users.settings.teams.index.leave_uo_heading',
            team: escape_input(@user_team.team.name)
          )
        }
      end
    end
  end

  def destroy_user_team_html
    respond_to do |format|
      format.json do
        render json: {
          html: render_to_string(
            partial: 'users/settings/teams/' \
                     'destroy_user_team_modal_body.html.erb',
            locals: { user_team: @user_team }
          ),
          heading: I18n.t(
            'users.settings.teams.edit.destroy_uo_heading',
            user: escape_input(@user_team.user.full_name),
            team: escape_input(@user_team.team.name)
          )
        }
      end
    end
  end

  def destroy_user_team
    respond_to do |format|
      # If user is last administrator of team,
      # he/she cannot be deleted from it.
      invalid =
        @user_team.admin? &&
        @user_team
        .team
        .user_teams
        .where(role: 2)
        .count <= 1

        if !invalid then
          begin
            UserTeam.transaction do
              # If user leaves on his/her own accord,
              # new owner for projects is the first
              # administrator of team
              if params[:leave]
                new_owner =
                  @user_team
                  .team
                  .user_teams
                  .where(role: 2)
                  .where.not(id: @user_team.id)
                  .first
                  .user
              else
                # Otherwise, the new owner for projects is
                # the current user (= an administrator removing
                # the user from the team)
                new_owner = current_user
              end
              reset_user_current_team(@user_team)
              @user_team.destroy(new_owner)
            end
          rescue Exception
            invalid = true
          end
        end

      if !invalid
        if params[:leave] then
          flash[:notice] = I18n.t(
            'users.settings.teams.index.leave_flash',
            team: @user_team.team.name
          )
          flash.keep(:notice)
        end
        generate_notification(@user_team.user,
                              @user_team.user,
                              @user_team.team,
                              false,
                              false)
        format.json {
          render json: {
            status: :ok
          }
        }
      else
        format.json {
          render json: @user_team.errors,
          status: :unprocessable_entity
        }
      end
    end
  end

  def user_current_team
    team_id = params[:user][:current_team_id].to_i
    if @user.teams_ids.include?(team_id)
      @user.current_team_id = team_id
      @changed_team = Team.find_by_id(@user.current_team_id)
      if @user.save
        flash[:success] = t('users.settings.changed_team_flash',
                            team: @changed_team.name)
        redirect_to root_path
        return
      end
    end
    flash[:alert] = t('users.settings.changed_team_error_flash')
    redirect_to :back
  end

  private

  def load_user
    @user = current_user
  end

  def check_team_permission
    @team = Team.find_by_id(params[:team_id])
    unless is_admin_of_team(@team)
      render_403
    end
  end

  def check_user_team_permission
    @user_team = UserTeam.find_by_id(params[:user_team_id])
    @team = @user_team.team
    # Don't allow the user to modify UserTeam-s if he's not admin,
    # unless he/she is modifying his/her UserTeam
    if current_user != @user_team.user &&
       !is_admin_of_team(@user_team.team)
      render_403
    end
  end

  def create_team_params
    params.require(:team).permit(
      :name,
      :description
    )
  end

  def update_team_params
    params.require(:team).permit(
      :name,
      :description
    )
  end

  def create_user_params
    params.require(:user).permit(
      :full_name,
      :email
    )
  end

  def update_user_team_params
    params.require(:user_team).permit(
      :role
    )
  end

  def reset_user_current_team(user_team)
    ids = user_team.user.teams_ids
    ids -= [user_team.team.id]
    user_team.user.current_team_id = ids.first
    user_team.user.save
  end
end
Initial commit. 2016-02-12 23:52:43 +08:00			`class Users::SettingsController < ApplicationController`
			`include UsersGenerator`
refactoring notification method 2016-11-07 22:31:06 +08:00			`include NotificationsHelper`
SAnitize AJAX calls in controllers and datatables [SCI-102] 2017-01-04 22:04:12 +08:00			`include InputSanitizeHelper`
Initial commit. 2016-02-12 23:52:43 +08:00
			`before_action :load_user, only: [`
rename controllers where org/organization 2017-01-24 23:57:14 +08:00			`:teams,`
			`:team,`
			`:create_team,`
Add datatable to all teams page [SCI-936] 2017-02-02 16:53:59 +08:00			`:teams_datatable,`
rename controllers where org/organization 2017-01-24 23:57:14 +08:00			`:team_users_datatable,`
			`:user_current_team,`
			`:destroy_user_team`
Initial commit. 2016-02-12 23:52:43 +08:00			`]`

rename controllers where org/organization 2017-01-24 23:57:14 +08:00			`before_action :check_team_permission, only: [`
			`:team,`
			`:update_team,`
			`:destroy_team,`
			`:team_name,`
			`:team_description,`
			`:team_users_datatable`
Initial commit. 2016-02-12 23:52:43 +08:00			`]`

rename controllers where org/organization 2017-01-24 23:57:14 +08:00			`before_action :check_user_team_permission, only: [`
			`:update_user_team,`
			`:leave_user_team_html,`
			`:destroy_user_team_html,`
			`:destroy_user_team`
Initial commit. 2016-02-12 23:52:43 +08:00			`]`

rename controllers where org/organization 2017-01-24 23:57:14 +08:00			`def teams`
			`@user_teams =`
Initial commit. 2016-02-12 23:52:43 +08:00			`@user`
rename controllers where org/organization 2017-01-24 23:57:14 +08:00			`.user_teams`
			`.includes(team: :users)`
Initial commit. 2016-02-12 23:52:43 +08:00			`.order(created_at: :asc)`
rename controllers where org/organization 2017-01-24 23:57:14 +08:00			`@member_of = @user_teams.count`
Initial commit. 2016-02-12 23:52:43 +08:00			`end`

rename controllers where org/organization 2017-01-24 23:57:14 +08:00			`def team`
rename Organization to Team in controllers 2017-01-25 00:06:51 +08:00			`@user_team = UserTeam.find_by(user: @user, team: @team)`
Initial commit. 2016-02-12 23:52:43 +08:00			`end`

rename controllers where org/organization 2017-01-24 23:57:14 +08:00			`def update_team`
Initial commit. 2016-02-12 23:52:43 +08:00			`respond_to do \|format\|`
rename controllers where org/organization 2017-01-24 23:57:14 +08:00			`if @team.update(update_team_params)`
			`@team.update(last_modified_by: current_user)`
Initial commit. 2016-02-12 23:52:43 +08:00			`format.json {`
			`render json: {`
			`status: :ok,`
			`description_label: render_to_string(`
rename controllers where org/organization 2017-01-24 23:57:14 +08:00			`partial: "users/settings/teams/description_label.html.erb",`
			`locals: { team: @team }`
Initial commit. 2016-02-12 23:52:43 +08:00			`)`
			`}`
			`}`
			`else`
			`format.json {`
rename controllers where org/organization 2017-01-24 23:57:14 +08:00			`render json: @team.errors,`
Initial commit. 2016-02-12 23:52:43 +08:00			`status: :unprocessable_entity`
			`}`
			`end`
			`end`
			`end`

rename controllers where org/organization 2017-01-24 23:57:14 +08:00			`def team_name`
Initial commit. 2016-02-12 23:52:43 +08:00			`respond_to do \|format\|`
			`format.json {`
			`render json: {`
			`html: render_to_string({`
rename controllers where org/organization 2017-01-24 23:57:14 +08:00			`partial: "users/settings/teams/name_modal_body.html.erb",`
			`locals: { team: @team }`
Initial commit. 2016-02-12 23:52:43 +08:00			`})`
			`}`
			`}`
			`end`
			`end`

rename controllers where org/organization 2017-01-24 23:57:14 +08:00			`def team_description`
Initial commit. 2016-02-12 23:52:43 +08:00			`respond_to do \|format\|`
			`format.json {`
			`render json: {`
			`html: render_to_string({`
rename controllers where org/organization 2017-01-24 23:57:14 +08:00			`partial: "users/settings/teams/description_modal_body.html.erb",`
			`locals: { team: @team }`
Initial commit. 2016-02-12 23:52:43 +08:00			`})`
			`}`
			`}`
			`end`
			`end`

Add datatable to all teams page [SCI-936] 2017-02-02 16:53:59 +08:00			`def teams_datatable`
			`respond_to do \|format\|`
			`format.json do`
			`render json: ::TeamsDatatable.new(view_context, @user)`
			`end`
			`end`
			`end`

rename controllers where org/organization 2017-01-24 23:57:14 +08:00			`def team_users_datatable`
Initial commit. 2016-02-12 23:52:43 +08:00			`respond_to do \|format\|`
			`format.json {`
rename Organization to Team in controllers 2017-01-25 00:06:51 +08:00			`render json: ::TeamUsersDatatable.new(view_context, @team, @user)`
Initial commit. 2016-02-12 23:52:43 +08:00			`}`
			`end`
			`end`

rename controllers where org/organization 2017-01-24 23:57:14 +08:00			`def new_team`
rename Organization to Team in controllers 2017-01-25 00:06:51 +08:00			`@new_team = Team.new`
Initial commit. 2016-02-12 23:52:43 +08:00			`end`

rename controllers where org/organization 2017-01-24 23:57:14 +08:00			`def create_team`
rename Organization to Team in controllers 2017-01-25 00:06:51 +08:00			`@new_team = Team.new(create_team_params)`
rename controllers where org/organization 2017-01-24 23:57:14 +08:00			`@new_team.created_by = @user`
Initial commit. 2016-02-12 23:52:43 +08:00
rename controllers where org/organization 2017-01-24 23:57:14 +08:00			`if @new_team.save`
			`# Okay, team is created, now`
Initial commit. 2016-02-12 23:52:43 +08:00			`# add the current user as admin`
rename Organization to Team in controllers 2017-01-25 00:06:51 +08:00			`UserTeam.create(`
Initial commit. 2016-02-12 23:52:43 +08:00			`user: @user,`
rename controllers where org/organization 2017-01-24 23:57:14 +08:00			`team: @new_team,`
Initial commit. 2016-02-12 23:52:43 +08:00			`role: 2`
			`)`

rename controllers where org/organization 2017-01-24 23:57:14 +08:00			`# Redirect to new team page`
			`redirect_to action: :team, team_id: @new_team.id`
Initial commit. 2016-02-12 23:52:43 +08:00			`else`
rename controllers where org/organization 2017-01-24 23:57:14 +08:00			`render :new_team`
Initial commit. 2016-02-12 23:52:43 +08:00			`end`
			`end`

rename controllers where org/organization 2017-01-24 23:57:14 +08:00			`def destroy_team`
			`@team.destroy`
Initial commit. 2016-02-12 23:52:43 +08:00
			`flash[:notice] = I18n.t(`
rename controllers where org/organization 2017-01-24 23:57:14 +08:00			`"users.settings.teams.edit.modal_destroy_team.flash_success",`
			`team: @team.name`
Initial commit. 2016-02-12 23:52:43 +08:00			`)`

rename controllers where org/organization 2017-01-24 23:57:14 +08:00			`# Redirect back to all teams page`
			`redirect_to action: :teams`
Initial commit. 2016-02-12 23:52:43 +08:00			`end`

rename controllers where org/organization 2017-01-24 23:57:14 +08:00			`def update_user_team`
Initial commit. 2016-02-12 23:52:43 +08:00			`respond_to do \|format\|`
rename controllers where org/organization 2017-01-24 23:57:14 +08:00			`if @user_team.update(update_user_team_params)`
Initial commit. 2016-02-12 23:52:43 +08:00			`format.json {`
			`render json: {`
			`status: :ok`
			`}`
			`}`
			`else`
			`format.json {`
rename controllers where org/organization 2017-01-24 23:57:14 +08:00			`render json: @user_team.errors,`
Initial commit. 2016-02-12 23:52:43 +08:00			`status: :unprocessable_entity`
			`}`
			`end`
			`end`
			`end`

rename controllers where org/organization 2017-01-24 23:57:14 +08:00			`def leave_user_team_html`
Initial commit. 2016-02-12 23:52:43 +08:00			`respond_to do \|format\|`
fixes hound 2017-01-31 20:33:55 +08:00			`format.json do`
Initial commit. 2016-02-12 23:52:43 +08:00			`render json: {`
fixes hound 2017-01-31 20:33:55 +08:00			`html: render_to_string(`
			`partial: 'users/settings/teams/leave_user_team_modal_body.html.erb',`
rename controllers where org/organization 2017-01-24 23:57:14 +08:00			`locals: { user_team: @user_team }`
fixes hound 2017-01-31 20:33:55 +08:00			`),`
Initial commit. 2016-02-12 23:52:43 +08:00			`heading: I18n.t(`
fixes hound 2017-01-31 20:33:55 +08:00			`'users.settings.teams.index.leave_uo_heading',`
rename controllers where org/organization 2017-01-24 23:57:14 +08:00			`team: escape_input(@user_team.team.name)`
Initial commit. 2016-02-12 23:52:43 +08:00			`)`
			`}`
fixes hound 2017-01-31 20:33:55 +08:00			`end`
Initial commit. 2016-02-12 23:52:43 +08:00			`end`
			`end`

rename controllers where org/organization 2017-01-24 23:57:14 +08:00			`def destroy_user_team_html`
Initial commit. 2016-02-12 23:52:43 +08:00			`respond_to do \|format\|`
fixes hound 2017-01-31 20:33:55 +08:00			`format.json do`
Initial commit. 2016-02-12 23:52:43 +08:00			`render json: {`
fixes hound 2017-01-31 20:33:55 +08:00			`html: render_to_string(`
			`partial: 'users/settings/teams/' \`
			`'destroy_user_team_modal_body.html.erb',`
rename controllers where org/organization 2017-01-24 23:57:14 +08:00			`locals: { user_team: @user_team }`
fixes hound 2017-01-31 20:33:55 +08:00			`),`
Initial commit. 2016-02-12 23:52:43 +08:00			`heading: I18n.t(`
fixes hound 2017-01-31 20:33:55 +08:00			`'users.settings.teams.edit.destroy_uo_heading',`
rename controllers where org/organization 2017-01-24 23:57:14 +08:00			`user: escape_input(@user_team.user.full_name),`
			`team: escape_input(@user_team.team.name)`
Initial commit. 2016-02-12 23:52:43 +08:00			`)`
			`}`
fixes hound 2017-01-31 20:33:55 +08:00			`end`
Initial commit. 2016-02-12 23:52:43 +08:00			`end`
			`end`

rename controllers where org/organization 2017-01-24 23:57:14 +08:00			`def destroy_user_team`
Initial commit. 2016-02-12 23:52:43 +08:00			`respond_to do \|format\|`
rename controllers where org/organization 2017-01-24 23:57:14 +08:00			`# If user is last administrator of team,`
Initial commit. 2016-02-12 23:52:43 +08:00			`# he/she cannot be deleted from it.`
			`invalid =`
rename controllers where org/organization 2017-01-24 23:57:14 +08:00			`@user_team.admin? &&`
			`@user_team`
			`.team`
			`.user_teams`
Initial commit. 2016-02-12 23:52:43 +08:00			`.where(role: 2)`
			`.count <= 1`

Migration GitLab -> GitHub 2016-07-21 19:11:15 +08:00			`if !invalid then`
			`begin`
rename Organization to Team in controllers 2017-01-25 00:06:51 +08:00			`UserTeam.transaction do`
Migration GitLab -> GitHub 2016-07-21 19:11:15 +08:00			`# If user leaves on his/her own accord,`
			`# new owner for projects is the first`
rename controllers where org/organization 2017-01-24 23:57:14 +08:00			`# administrator of team`
Migration GitLab -> GitHub 2016-07-21 19:11:15 +08:00			`if params[:leave]`
			`new_owner =`
rename controllers where org/organization 2017-01-24 23:57:14 +08:00			`@user_team`
			`.team`
			`.user_teams`
Migration GitLab -> GitHub 2016-07-21 19:11:15 +08:00			`.where(role: 2)`
rename controllers where org/organization 2017-01-24 23:57:14 +08:00			`.where.not(id: @user_team.id)`
Migration GitLab -> GitHub 2016-07-21 19:11:15 +08:00			`.first`
			`.user`
			`else`
			`# Otherwise, the new owner for projects is`
			`# the current user (= an administrator removing`
rename controllers where org/organization 2017-01-24 23:57:14 +08:00			`# the user from the team)`
Migration GitLab -> GitHub 2016-07-21 19:11:15 +08:00			`new_owner = current_user`
			`end`
rename controllers where org/organization 2017-01-24 23:57:14 +08:00			`reset_user_current_team(@user_team)`
			`@user_team.destroy(new_owner)`
Migration GitLab -> GitHub 2016-07-21 19:11:15 +08:00			`end`
			`rescue Exception`
			`invalid = true`
			`end`
			`end`

			`if !invalid`
Initial commit. 2016-02-12 23:52:43 +08:00			`if params[:leave] then`
			`flash[:notice] = I18n.t(`
fixes hound 2017-01-31 20:33:55 +08:00			`'users.settings.teams.index.leave_flash',`
rename controllers where org/organization 2017-01-24 23:57:14 +08:00			`team: @user_team.team.name`
Initial commit. 2016-02-12 23:52:43 +08:00			`)`
			`flash.keep(:notice)`
			`end`
rename controllers where org/organization 2017-01-24 23:57:14 +08:00			`generate_notification(@user_team.user,`
			`@user_team.user,`
			`@user_team.team,`
refactoring notification method 2016-11-07 22:31:06 +08:00			`false,`
fix hound 2016-11-02 20:32:15 +08:00			`false)`
Initial commit. 2016-02-12 23:52:43 +08:00			`format.json {`
			`render json: {`
			`status: :ok`
			`}`
			`}`
			`else`
			`format.json {`
rename controllers where org/organization 2017-01-24 23:57:14 +08:00			`render json: @user_team.errors,`
Initial commit. 2016-02-12 23:52:43 +08:00			`status: :unprocessable_entity`
			`}`
			`end`
			`end`
			`end`

rename controllers where org/organization 2017-01-24 23:57:14 +08:00			`def user_current_team`
Check that user is a member of a team when switching to it [SCI-984] 2017-02-03 23:10:37 +08:00			`team_id = params[:user][:current_team_id].to_i`
			`if @user.teams_ids.include?(team_id)`
			`@user.current_team_id = team_id`
			`@changed_team = Team.find_by_id(@user.current_team_id)`
			`if @user.save`
			`flash[:success] = t('users.settings.changed_team_flash',`
			`team: @changed_team.name)`
			`redirect_to root_path`
			`return`
			`end`
setup global team switch view and controller action 2016-10-11 17:40:14 +08:00			`end`
Check that user is a member of a team when switching to it [SCI-984] 2017-02-03 23:10:37 +08:00			`flash[:alert] = t('users.settings.changed_team_error_flash')`
			`redirect_to :back`
setup global team switch view and controller action 2016-10-11 17:40:14 +08:00			`end`

Initial commit. 2016-02-12 23:52:43 +08:00			`private`

			`def load_user`
			`@user = current_user`
			`end`

rename controllers where org/organization 2017-01-24 23:57:14 +08:00			`def check_team_permission`
rename Organization to Team in controllers 2017-01-25 00:06:51 +08:00			`@team = Team.find_by_id(params[:team_id])`
rename controllers where org/organization 2017-01-24 23:57:14 +08:00			`unless is_admin_of_team(@team)`
Initial commit. 2016-02-12 23:52:43 +08:00			`render_403`
			`end`
			`end`

rename controllers where org/organization 2017-01-24 23:57:14 +08:00			`def check_user_team_permission`
rename Organization to Team in controllers 2017-01-25 00:06:51 +08:00			`@user_team = UserTeam.find_by_id(params[:user_team_id])`
rename controllers where org/organization 2017-01-24 23:57:14 +08:00			`@team = @user_team.team`
rename Organization to Team in controllers 2017-01-25 00:06:51 +08:00			`# Don't allow the user to modify UserTeam-s if he's not admin,`
			`# unless he/she is modifying his/her UserTeam`
fixes hound 2017-01-31 20:33:55 +08:00			`if current_user != @user_team.user &&`
			`!is_admin_of_team(@user_team.team)`
Initial commit. 2016-02-12 23:52:43 +08:00			`render_403`
			`end`
			`end`

rename controllers where org/organization 2017-01-24 23:57:14 +08:00			`def create_team_params`
			`params.require(:team).permit(`
Initial commit. 2016-02-12 23:52:43 +08:00			`:name,`
			`:description`
			`)`
			`end`

rename controllers where org/organization 2017-01-24 23:57:14 +08:00			`def update_team_params`
			`params.require(:team).permit(`
Initial commit. 2016-02-12 23:52:43 +08:00			`:name,`
			`:description`
			`)`
			`end`

			`def create_user_params`
			`params.require(:user).permit(`
			`:full_name,`
			`:email`
			`)`
			`end`

rename controllers where org/organization 2017-01-24 23:57:14 +08:00			`def update_user_team_params`
			`params.require(:user_team).permit(`
Initial commit. 2016-02-12 23:52:43 +08:00			`:role`
			`)`
			`end`

rename controllers where org/organization 2017-01-24 23:57:14 +08:00			`def reset_user_current_team(user_team)`
			`ids = user_team.user.teams_ids`
			`ids -= [user_team.team.id]`
			`user_team.user.current_team_id = ids.first`
			`user_team.user.save`
first run 2016-10-25 02:07:20 +08:00			`end`
Initial commit. 2016-02-12 23:52:43 +08:00			`end`