scinote-web/app/controllers/step_comments_controller.rb

# frozen_string_literal: true

class StepCommentsController < ApplicationController
  include ActionView::Helpers::TextHelper
  include InputSanitizeHelper
  include ApplicationHelper
  include CommentHelper

  before_action :load_vars

  before_action :check_view_permissions, only: [:index]
  before_action :check_add_permissions, only: [:create]
  before_action :check_update_permissions, only: %i(update)
  before_action :check_destroy_permissions, only: %i(destroy)

  def index
    comments = @step.last_comments(@last_comment_id, @per_page)
    more_url = step_step_comments_path(@step, format: :json, from: comments.first.id) unless comments.blank?
    comment_index_helper(comments, more_url)
  end

  def create
    @comment = StepComment.new(
      message: comment_params[:message],
      user: current_user,
      step: @step
    )
    comment_create_helper(@comment)
  end

  def update
    old_text = @comment.message
    @comment.message = comment_params[:message]
    comment_update_helper(@comment, old_text)
  end

  def destroy
    comment_destroy_helper(@comment)
  end

  private

  def load_vars
    @last_comment_id = params[:from].to_i
    @per_page = Constants::COMMENTS_SEARCH_LIMIT
    @step = Step.find_by_id(params[:step_id])
    @protocol = @step&.protocol

    render_404 unless @step && @protocol
  end

  def check_view_permissions
    render_403 unless can_read_protocol_in_module?(@protocol)
  end

  def check_add_permissions
    render_403 unless can_create_my_module_comments?(@protocol.my_module)
  end

  def check_destroy_permissions
    @comment = @step.step_comments.find_by(id: params[:id])
    render_403 unless @comment.present? &&
                      can_delete_comment_in_my_module_steps?(@comment)
  end

  def check_update_permissions
    @comment = @step.step_comments.find_by(id: params[:id])
    render_403 unless @comment.present? &&
                      can_update_comment_in_my_module_steps?(@comment)
  end

  def comment_params
    params.require(:comment).permit(:message)
  end

  def log_activity(type_of)
    Activities::CreateActivityService
      .call(activity_type: type_of,
            owner: current_user,
            subject: @protocol,
            team: @step.my_module.team,
            project: @step.my_module.project,
            message_items: {
              my_module: @step.my_module.id,
              step: @step.id,
              step_position: { id: @step.id, value_for: 'position_plus_one' }
            })
  end
end
Refactored comments over SciNote [SCI-3505] (#1808) * Preparing helpers for comments * Refactored comments over scinote * Update events 2019-06-04 20:40:21 +08:00			`# frozen_string_literal: true`

Initial commit. 2016-02-12 23:52:43 +08:00			`class StepCommentsController < ApplicationController`
Fix 2 bugs with comments editing Closes SCI-820. 2016-12-24 03:41:23 +08:00			`include ActionView::Helpers::TextHelper`
Fix includes [SCI-102] 2017-01-13 00:02:01 +08:00			`include InputSanitizeHelper`
adds user preview to user smart annotation [fixes SCI-832] 2017-01-13 18:34:10 +08:00			`include ApplicationHelper`
Refactored comments over SciNote [SCI-3505] (#1808) * Preparing helpers for comments * Refactored comments over scinote * Update events 2019-06-04 20:40:21 +08:00			`include CommentHelper`
Fix 2 bugs with comments editing Closes SCI-820. 2016-12-24 03:41:23 +08:00
Initial commit. 2016-02-12 23:52:43 +08:00			`before_action :load_vars`

styled step comments 2016-09-20 20:13:40 +08:00			`before_action :check_view_permissions, only: [:index]`
Finish removing new comment forms 2016-11-19 23:54:55 +08:00			`before_action :check_add_permissions, only: [:create]`
Rework experiment permissions [SCI-6054] (#3538) * Rework experiment permissions [SCI-6054] 2021-09-30 17:32:11 +08:00			`before_action :check_update_permissions, only: %i(update)`
			`before_action :check_destroy_permissions, only: %i(destroy)`
Initial commit. 2016-02-12 23:52:43 +08:00
			`def index`
Refactored comments over SciNote [SCI-3505] (#1808) * Preparing helpers for comments * Refactored comments over scinote * Update events 2019-06-04 20:40:21 +08:00			`comments = @step.last_comments(@last_comment_id, @per_page)`
Replace empty? with blank? [SCI-5579] 2021-07-23 17:56:28 +08:00			`more_url = step_step_comments_path(@step, format: :json, from: comments.first.id) unless comments.blank?`
Refactored comments over SciNote [SCI-3505] (#1808) * Preparing helpers for comments * Refactored comments over scinote * Update events 2019-06-04 20:40:21 +08:00			`comment_index_helper(comments, more_url)`
Initial commit. 2016-02-12 23:52:43 +08:00			`end`

			`def create`
Refactoring of the comments using STI [SCI-1090] 2017-03-08 20:18:20 +08:00			`@comment = StepComment.new(`
Initial commit. 2016-02-12 23:52:43 +08:00			`message: comment_params[:message],`
Refactoring of the comments using STI [SCI-1090] 2017-03-08 20:18:20 +08:00			`user: current_user,`
			`step: @step`
			`)`
Refactored comments over SciNote [SCI-3505] (#1808) * Preparing helpers for comments * Refactored comments over scinote * Update events 2019-06-04 20:40:21 +08:00			`comment_create_helper(@comment)`
Add edit&delete functionality to step comments This commit also: * fixes a bug in permission_helper.rb, * fixes comments.js a bit, * adds 2 more re-renders of dropdown position calculations to canvas.js and projects/index.js. 2016-08-25 16:26:40 +08:00			`end`

			`def update`
completed step annotations 2017-04-06 14:42:16 +08:00			`old_text = @comment.message`
Add edit&delete functionality to step comments This commit also: * fixes a bug in permission_helper.rb, * fixes comments.js a bit, * adds 2 more re-renders of dropdown position calculations to canvas.js and projects/index.js. 2016-08-25 16:26:40 +08:00			`@comment.message = comment_params[:message]`
Refactored comments over SciNote [SCI-3505] (#1808) * Preparing helpers for comments * Refactored comments over scinote * Update events 2019-06-04 20:40:21 +08:00			`comment_update_helper(@comment, old_text)`
Add edit&delete functionality to step comments This commit also: * fixes a bug in permission_helper.rb, * fixes comments.js a bit, * adds 2 more re-renders of dropdown position calculations to canvas.js and projects/index.js. 2016-08-25 16:26:40 +08:00			`end`

			`def destroy`
Refactored comments over SciNote [SCI-3505] (#1808) * Preparing helpers for comments * Refactored comments over scinote * Update events 2019-06-04 20:40:21 +08:00			`comment_destroy_helper(@comment)`
Add edit&delete functionality to step comments This commit also: * fixes a bug in permission_helper.rb, * fixes comments.js a bit, * adds 2 more re-renders of dropdown position calculations to canvas.js and projects/index.js. 2016-08-25 16:26:40 +08:00			`end`

Initial commit. 2016-02-12 23:52:43 +08:00			`private`

			`def load_vars`
			`@last_comment_id = params[:from].to_i`
Ruby constants are now automatically available in JS. Refactoring was needed. 2016-10-05 23:45:20 +08:00			`@per_page = Constants::COMMENTS_SEARCH_LIMIT`
Initial commit. 2016-02-12 23:52:43 +08:00			`@step = Step.find_by_id(params[:step_id])`
Fix nil handling in different places [SCI-2840] (#1777) * Fix nil handling in different places 2019-05-21 21:53:34 +08:00			`@protocol = @step&.protocol`
Initial commit. 2016-02-12 23:52:43 +08:00
Refactored comments over SciNote [SCI-3505] (#1808) * Preparing helpers for comments * Refactored comments over scinote * Update events 2019-06-04 20:40:21 +08:00			`render_404 unless @step && @protocol`
Initial commit. 2016-02-12 23:52:43 +08:00			`end`

			`def check_view_permissions`
Grouped remaining permissions for experiment, protocol, task, and partially step levels. [SCI-1964] 2018-02-02 01:41:28 +08:00			`render_403 unless can_read_protocol_in_module?(@protocol)`
Initial commit. 2016-02-12 23:52:43 +08:00			`end`

			`def check_add_permissions`
Reworked MyModule permissions [SCI-6056] 2021-09-14 17:08:35 +08:00			`render_403 unless can_create_my_module_comments?(@protocol.my_module)`
Add edit&delete functionality to step comments This commit also: * fixes a bug in permission_helper.rb, * fixes comments.js a bit, * adds 2 more re-renders of dropdown position calculations to canvas.js and projects/index.js. 2016-08-25 16:26:40 +08:00			`end`

Rework experiment permissions [SCI-6054] (#3538) * Rework experiment permissions [SCI-6054] 2021-09-30 17:32:11 +08:00			`def check_destroy_permissions`
			`@comment = @step.step_comments.find_by(id: params[:id])`
Add edit&delete functionality to step comments This commit also: * fixes a bug in permission_helper.rb, * fixes comments.js a bit, * adds 2 more re-renders of dropdown position calculations to canvas.js and projects/index.js. 2016-08-25 16:26:40 +08:00			`render_403 unless @comment.present? &&`
Rework experiment permissions [SCI-6054] (#3538) * Rework experiment permissions [SCI-6054] 2021-09-30 17:32:11 +08:00			`can_delete_comment_in_my_module_steps?(@comment)`
			`end`

			`def check_update_permissions`
			`@comment = @step.step_comments.find_by(id: params[:id])`
			`render_403 unless @comment.present? &&`
			`can_update_comment_in_my_module_steps?(@comment)`
Add edit&delete functionality to step comments This commit also: * fixes a bug in permission_helper.rb, * fixes comments.js a bit, * adds 2 more re-renders of dropdown position calculations to canvas.js and projects/index.js. 2016-08-25 16:26:40 +08:00			`end`

Initial commit. 2016-02-12 23:52:43 +08:00			`def comment_params`
			`params.require(:comment).permit(:message)`
			`end`
completed step annotations 2017-04-06 14:42:16 +08:00
Protocol activities refactoring, without tests 2019-03-19 23:12:07 +08:00			`def log_activity(type_of)`
			`Activities::CreateActivityService`
			`.call(activity_type: type_of,`
			`owner: current_user,`
			`subject: @protocol,`
Improve activity records creation in controllers [SCI-7505] 2022-11-24 22:19:17 +08:00			`team: @step.my_module.team,`
			`project: @step.my_module.project,`
Protocol activities refactoring, without tests 2019-03-19 23:12:07 +08:00			`message_items: {`
Change activities for task protocols 2019-03-29 22:09:20 +08:00			`my_module: @step.my_module.id,`
Protocol activities refactoring, without tests 2019-03-19 23:12:07 +08:00			`step: @step.id,`
Refactor step activities using position_plus_one Closes SCI-3273 2019-04-03 19:10:45 +08:00			`step_position: { id: @step.id, value_for: 'position_plus_one' }`
Protocol activities refactoring, without tests 2019-03-19 23:12:07 +08:00			`})`
			`end`
Initial commit. 2016-02-12 23:52:43 +08:00			`end`