scinote-web/app/controllers/user_my_modules_controller.rb

# frozen_string_literal: true

class UserMyModulesController < ApplicationController
  include InputSanitizeHelper

  before_action :load_vars
  before_action :check_view_permissions, except: %i(create destroy)
  before_action :check_manage_permissions, only: %i(create destroy)

  def index_old
    @user_my_modules = @my_module.user_my_modules

    respond_to do |format|
      format.json do
        render json: {
          html: render_to_string(
            partial: 'index_old.html.erb'
          ),
          my_module_id: @my_module.id,
          counter: @my_module.designated_users.count # Used for counter badge
        }
      end
    end
  end

  def index
    respond_to do |format|
      format.json do
        render json: {
          html: render_to_string(
            partial: 'index.html.erb'
          )
        }
      end
    end
  end

  def index_edit
    @user_my_modules = @my_module.user_my_modules
    @undesignated_users = @my_module.undesignated_users.order(full_name: :asc)
    @new_um = UserMyModule.new(my_module: @my_module)

    respond_to do |format|
      format.json do
        render json: {
          my_module: @my_module,
          html: render_to_string(
            partial: 'index_edit.html.erb'
          )
        }
      end
    end
  end

  def create
    @um = UserMyModule.new(um_params.merge(my_module: @my_module))
    @um.assigned_by = current_user

    if @um.save
      @um.log_activity(:designate_user_to_my_module, current_user)

      respond_to do |format|
        format.json do
          render json: {
            user: {
              id: @um.user.id,
              full_name: @um.user.full_name,
              avatar_url: avatar_path(@um.user, :icon_small),
              user_module_id: @um.id
            }, status: :ok
          }
        end
      end
    else
      respond_to do |format|
        format.json do
          render json: {
            errors: @um.errors
          }, status: :unprocessable_entity
        end
      end
    end
  end

  def destroy
    if @um.destroy
      @um.log_activity(:undesignate_user_from_my_module, current_user)

      respond_to do |format|
        format.json do
          render json: {}, status: :ok
        end
      end
    else
      respond_to do |format|
        format.json do
          render json: {
            errors: @um.errors
          }, status: :unprocessable_entity
        end
      end
    end
  end

  def search
    users = @my_module.users
                      .joins("LEFT OUTER JOIN user_my_modules ON user_my_modules.user_id = users.id "\
                             "AND user_my_modules.my_module_id = #{@my_module.id}")
                      .search(false, params[:query])
                      .limit(Constants::SEARCH_LIMIT)
                      .select('users.*')
                      .select('CASE WHEN user_my_modules.id IS NOT NULL '\
                              'THEN true ELSE false END as designated')

    users = users.map do |user|
      {
        value: user.id,
        label: sanitize_input(user.full_name),
        params: { avatar_url: avatar_path(user, :icon_small), designated: user.designated }
      }
    end

    render json: users
  end

  private

  def load_vars
    @my_module = MyModule.find(params[:my_module_id])
    @project = @my_module.experiment.project
    @um = UserMyModule.find(params[:id]) if action_name == 'destroy'
  rescue ActiveRecord::RecordNotFound
    render_404
  end

  def check_view_permissions
    render_403 unless can_read_my_module?(@my_module)
  end

  def check_manage_permissions
    render_403 unless can_manage_my_module_designated_users?(@my_module)
  end

  def um_params
    params.require(:user_my_module).permit(:user_id, :my_module_id)
  end
end
Task UX: Update assigning a Task to user(s) (#3429) * add dynmic select for user assignment on task * update the user assignment so it looks like tags picker * fix code style * Code style fixes [SCI-5871] * Code style fixes [SCI-5871] * Destroy and search action fixes [SCI-5871] Co-authored-by: Martin Artnik <martin@scinote.net> 2021-10-14 11:49:27 +02:00			`# frozen_string_literal: true`

Initial commit. 2016-02-12 16:52:43 +01:00			`class UserMyModulesController < ApplicationController`
Task UX: Update assigning a Task to user(s) (#3429) * add dynmic select for user assignment on task * update the user assignment so it looks like tags picker * fix code style * Code style fixes [SCI-5871] * Code style fixes [SCI-5871] * Destroy and search action fixes [SCI-5871] Co-authored-by: Martin Artnik <martin@scinote.net> 2021-10-14 11:49:27 +02:00			`include InputSanitizeHelper`

Initial commit. 2016-02-12 16:52:43 +01:00			`before_action :load_vars`
Update/implement permission checks in the my_modules_controller and my_modules_status_flow_controller [SCI-6061][SCI-6063] 2021-09-22 11:28:32 +02:00			`before_action :check_view_permissions, except: %i(create destroy)`
Show assigned users modal also for view 2020-06-30 09:20:53 +02:00			`before_action :check_manage_permissions, only: %i(create destroy)`
Refactor user projects & user my modules code 2016-11-22 15:16:26 +01:00
small refactor 2020-04-14 17:25:36 +02:00			`def index_old`
Refactor user projects & user my modules code 2016-11-22 15:16:26 +01:00			`@user_my_modules = @my_module.user_my_modules`

			`respond_to do \|format\|`
Fix Hound errors 2016-11-22 15:19:12 +01:00			`format.json do`
			`render json: {`
			`html: render_to_string(`
small refactor 2020-04-14 17:25:36 +02:00			`partial: 'index_old.html.erb'`
Add counters for users and comments on canvas [SCI-152] 2017-05-08 17:32:55 +02:00			`),`
			`my_module_id: @my_module.id,`
Update usage of user_my_modules [SCI-6121] (#3585) 2021-10-13 10:10:14 +02:00			`counter: @my_module.designated_users.count # Used for counter badge`
Refactor user projects & user my modules code 2016-11-22 15:16:26 +01:00			`}`
Fix Hound errors 2016-11-22 15:19:12 +01:00			`end`
Refactor user projects & user my modules code 2016-11-22 15:16:26 +01:00			`end`
			`end`
Initial commit. 2016-02-12 16:52:43 +01:00
small refactor 2020-04-14 17:25:36 +02:00			`def index`
Add the user management secion of to the Details section of task layout 2020-04-08 16:24:59 +02:00			`respond_to do \|format\|`
			`format.json do`
			`render json: {`
			`html: render_to_string(`
small refactor 2020-04-14 17:25:36 +02:00			`partial: 'index.html.erb'`
Add the user management secion of to the Details section of task layout 2020-04-08 16:24:59 +02:00			`)`
			`}`
			`end`
			`end`
			`end`

Initial commit. 2016-02-12 16:52:43 +01:00			`def index_edit`
			`@user_my_modules = @my_module.user_my_modules`
Fixed unassigned user methods, order by name [SCI-6104] (#3589) 2021-10-13 09:50:06 +02:00			`@undesignated_users = @my_module.undesignated_users.order(full_name: :asc)`
Initial commit. 2016-02-12 16:52:43 +01:00			`@new_um = UserMyModule.new(my_module: @my_module)`

			`respond_to do \|format\|`
Add counters for users and comments on canvas [SCI-152] 2017-05-08 17:32:55 +02:00			`format.json do`
			`render json: {`
			`my_module: @my_module,`
			`html: render_to_string(`
			`partial: 'index_edit.html.erb'`
			`)`
Initial commit. 2016-02-12 16:52:43 +01:00			`}`
Add counters for users and comments on canvas [SCI-152] 2017-05-08 17:32:55 +02:00			`end`
Initial commit. 2016-02-12 16:52:43 +01:00			`end`
			`end`

			`def create`
			`@um = UserMyModule.new(um_params.merge(my_module: @my_module))`
			`@um.assigned_by = current_user`
Task UX: Update assigning a Task to user(s) (#3429) * add dynmic select for user assignment on task * update the user assignment so it looks like tags picker * fix code style * Code style fixes [SCI-5871] * Code style fixes [SCI-5871] * Destroy and search action fixes [SCI-5871] Co-authored-by: Martin Artnik <martin@scinote.net> 2021-10-14 11:49:27 +02:00
Initial commit. 2016-02-12 16:52:43 +01:00			`if @um.save`
Add task assignment API [SCI-6846] (#4123) * Add user assignment to task API [SCI-6846] * Add test for task assignments [SCI-6846] 2022-06-03 10:09:42 +02:00			`@um.log_activity(:designate_user_to_my_module, current_user)`
Task activities refactoring, without tests 2019-03-18 15:03:14 +01:00
Initial commit. 2016-02-12 16:52:43 +01:00			`respond_to do \|format\|`
Fix adding users to a task [SCI-1870] 2017-12-20 13:39:35 +01:00			`format.json do`
Task UX: Update assigning a Task to user(s) (#3429) * add dynmic select for user assignment on task * update the user assignment so it looks like tags picker * fix code style * Code style fixes [SCI-5871] * Code style fixes [SCI-5871] * Destroy and search action fixes [SCI-5871] Co-authored-by: Martin Artnik <martin@scinote.net> 2021-10-14 11:49:27 +02:00			`render json: {`
			`user: {`
			`id: @um.user.id,`
			`full_name: @um.user.full_name,`
			`avatar_url: avatar_path(@um.user, :icon_small),`
			`user_module_id: @um.id`
			`}, status: :ok`
			`}`
Fix adding users to a task [SCI-1870] 2017-12-20 13:39:35 +01:00			`end`
Initial commit. 2016-02-12 16:52:43 +01:00			`end`
			`else`
			`respond_to do \|format\|`
Prevent user being added to project/task multiple times [SCI-2869] 2018-11-20 14:29:33 +01:00			`format.json do`
			`render json: {`
			`errors: @um.errors`
Task UX: Update assigning a Task to user(s) (#3429) * add dynmic select for user assignment on task * update the user assignment so it looks like tags picker * fix code style * Code style fixes [SCI-5871] * Code style fixes [SCI-5871] * Destroy and search action fixes [SCI-5871] Co-authored-by: Martin Artnik <martin@scinote.net> 2021-10-14 11:49:27 +02:00			`}, status: :unprocessable_entity`
Prevent user being added to project/task multiple times [SCI-2869] 2018-11-20 14:29:33 +01:00			`end`
Initial commit. 2016-02-12 16:52:43 +01:00			`end`
			`end`
			`end`

			`def destroy`
			`if @um.destroy`
Add task assignment API [SCI-6846] (#4123) * Add user assignment to task API [SCI-6846] * Add test for task assignments [SCI-6846] 2022-06-03 10:09:42 +02:00			`@um.log_activity(:undesignate_user_from_my_module, current_user)`
Initial commit. 2016-02-12 16:52:43 +01:00
			`respond_to do \|format\|`
Fix Ajax calls with redirect [SCI-1837] 2017-11-29 16:13:28 +01:00			`format.json do`
Task UX: Update assigning a Task to user(s) (#3429) * add dynmic select for user assignment on task * update the user assignment so it looks like tags picker * fix code style * Code style fixes [SCI-5871] * Code style fixes [SCI-5871] * Destroy and search action fixes [SCI-5871] Co-authored-by: Martin Artnik <martin@scinote.net> 2021-10-14 11:49:27 +02:00			`render json: {}, status: :ok`
Fix Ajax calls with redirect [SCI-1837] 2017-11-29 16:13:28 +01:00			`end`
Initial commit. 2016-02-12 16:52:43 +01:00			`end`
			`else`
			`respond_to do \|format\|`
Prevent user being added to project/task multiple times [SCI-2869] 2018-11-20 14:29:33 +01:00			`format.json do`
			`render json: {`
			`errors: @um.errors`
Task UX: Update assigning a Task to user(s) (#3429) * add dynmic select for user assignment on task * update the user assignment so it looks like tags picker * fix code style * Code style fixes [SCI-5871] * Code style fixes [SCI-5871] * Destroy and search action fixes [SCI-5871] Co-authored-by: Martin Artnik <martin@scinote.net> 2021-10-14 11:49:27 +02:00			`}, status: :unprocessable_entity`
Prevent user being added to project/task multiple times [SCI-2869] 2018-11-20 14:29:33 +01:00			`end`
Initial commit. 2016-02-12 16:52:43 +01:00			`end`
			`end`
			`end`

Task UX: Update assigning a Task to user(s) (#3429) * add dynmic select for user assignment on task * update the user assignment so it looks like tags picker * fix code style * Code style fixes [SCI-5871] * Code style fixes [SCI-5871] * Destroy and search action fixes [SCI-5871] Co-authored-by: Martin Artnik <martin@scinote.net> 2021-10-14 11:49:27 +02:00			`def search`
			`users = @my_module.users`
Update the existing endpoint for listing the users with access to the task [SCI-7439] 2022-11-23 17:20:14 +01:00			`.joins("LEFT OUTER JOIN user_my_modules ON user_my_modules.user_id = users.id "\`
			`"AND user_my_modules.my_module_id = #{@my_module.id}")`
Task UX: Update assigning a Task to user(s) (#3429) * add dynmic select for user assignment on task * update the user assignment so it looks like tags picker * fix code style * Code style fixes [SCI-5871] * Code style fixes [SCI-5871] * Destroy and search action fixes [SCI-5871] Co-authored-by: Martin Artnik <martin@scinote.net> 2021-10-14 11:49:27 +02:00			`.search(false, params[:query])`
			`.limit(Constants::SEARCH_LIMIT)`
Update the existing endpoint for listing the users with access to the task [SCI-7439] 2022-11-23 17:20:14 +01:00			`.select('users.*')`
			`.select('CASE WHEN user_my_modules.id IS NOT NULL '\`
			`'THEN true ELSE false END as designated')`
Task UX: Update assigning a Task to user(s) (#3429) * add dynmic select for user assignment on task * update the user assignment so it looks like tags picker * fix code style * Code style fixes [SCI-5871] * Code style fixes [SCI-5871] * Destroy and search action fixes [SCI-5871] Co-authored-by: Martin Artnik <martin@scinote.net> 2021-10-14 11:49:27 +02:00
			`users = users.map do \|user\|`
			`{`
			`value: user.id,`
			`label: sanitize_input(user.full_name),`
Update the existing endpoint for listing the users with access to the task [SCI-7439] 2022-11-23 17:20:14 +01:00			`params: { avatar_url: avatar_path(user, :icon_small), designated: user.designated }`
Task UX: Update assigning a Task to user(s) (#3429) * add dynmic select for user assignment on task * update the user assignment so it looks like tags picker * fix code style * Code style fixes [SCI-5871] * Code style fixes [SCI-5871] * Destroy and search action fixes [SCI-5871] Co-authored-by: Martin Artnik <martin@scinote.net> 2021-10-14 11:49:27 +02:00			`}`
			`end`
Initial commit. 2016-02-12 16:52:43 +01:00
Task UX: Update assigning a Task to user(s) (#3429) * add dynmic select for user assignment on task * update the user assignment so it looks like tags picker * fix code style * Code style fixes [SCI-5871] * Code style fixes [SCI-5871] * Destroy and search action fixes [SCI-5871] Co-authored-by: Martin Artnik <martin@scinote.net> 2021-10-14 11:49:27 +02:00			`render json: users`
			`end`
Initial commit. 2016-02-12 16:52:43 +01:00
Task UX: Update assigning a Task to user(s) (#3429) * add dynmic select for user assignment on task * update the user assignment so it looks like tags picker * fix code style * Code style fixes [SCI-5871] * Code style fixes [SCI-5871] * Destroy and search action fixes [SCI-5871] Co-authored-by: Martin Artnik <martin@scinote.net> 2021-10-14 11:49:27 +02:00			`private`
Initial commit. 2016-02-12 16:52:43 +01:00
Task UX: Update assigning a Task to user(s) (#3429) * add dynmic select for user assignment on task * update the user assignment so it looks like tags picker * fix code style * Code style fixes [SCI-5871] * Code style fixes [SCI-5871] * Destroy and search action fixes [SCI-5871] Co-authored-by: Martin Artnik <martin@scinote.net> 2021-10-14 11:49:27 +02:00			`def load_vars`
			`@my_module = MyModule.find(params[:my_module_id])`
			`@project = @my_module.experiment.project`
			`@um = UserMyModule.find(params[:id]) if action_name == 'destroy'`
			`rescue ActiveRecord::RecordNotFound`
			`render_404`
Initial commit. 2016-02-12 16:52:43 +01:00			`end`

Refactor user projects & user my modules code 2016-11-22 15:16:26 +01:00			`def check_view_permissions`
Update/implement permission checks in the my_modules_controller and my_modules_status_flow_controller [SCI-6061][SCI-6063] 2021-09-22 11:28:32 +02:00			`render_403 unless can_read_my_module?(@my_module)`
Initial commit. 2016-02-12 16:52:43 +01:00			`end`

Refactored remaining experiment level permissions (and everything below it). 2018-02-09 16:14:40 +01:00			`def check_manage_permissions`
Added granular task permissions, permission check fixes [SCI-6278] (#3683) 2021-11-19 13:24:57 +01:00			`render_403 unless can_manage_my_module_designated_users?(@my_module)`
Initial commit. 2016-02-12 16:52:43 +01:00			`end`

			`def um_params`
			`params.require(:user_my_module).permit(:user_id, :my_module_id)`
			`end`
			`end`