scinote-web/app/controllers/client_api/users/user_teams_controller.rb

module ClientApi
  module Users
    class UserTeamsController < ApplicationController
      include ClientApi::Users::UserTeamsHelper

      before_action :check_leave_team_permission, only: :leave_team
      before_action :check_manage_user_team_permission,
                    only: %i(update_role remove_user)

      def leave_team
        ut_service = ClientApi::UserTeamService.new(
          user: current_user,
          team_id: params[:team],
          user_team_id: params[:user_team]
        )
        ut_service.destroy_user_team_and_assign_new_team_owner!
        success_response('/client_api/teams/index', ut_service.teams_data)
      rescue ClientApi::CustomUserTeamError
        unsuccess_response(t('client_api.user_teams.leave_team_error'))
      end

      def update_role
        ut_service = ClientApi::UserTeamService.new(
          user: current_user,
          team_id: params[:team],
          user_team_id: params[:user_team],
          role: params[:role]
        )
        ut_service.update_role!
        success_response('/client_api/teams/team_users',
                         ut_service.team_users_data)
      rescue ClientApi::CustomUserTeamError => error
        unsuccess_response(error.to_s)
      end

      def remove_user
        ut_service = ClientApi::UserTeamService.new(
          user: current_user,
          team_id: params[:team],
          user_team_id: params[:user_team]
        )
        ut_service.destroy_user_team_and_assign_new_team_owner!
        success_response('/client_api/teams/team_users',
                         ut_service.team_users_data)
      rescue ClientApi::CustomUserTeamError => error
        unsuccess_response(error.to_s)
      end

      private

      def check_leave_team_permission
        return unless params[:user_team]
        user_team = UserTeam.find_by_id(params[:user_team])
        unless current_user == user_team.user || can_read_team?(user_team.team)
          respond_422(t('client_api.permission_error'))
        end
      end

      def check_manage_user_team_permission
        user_team = UserTeam.find_by_id(params[:user_team])
        unless can_manage_team_users?(user_team.team)
          respond_422(t('client_api.user_teams.permission_error'))
        end
      end

      def success_response(template, locals)
        respond_to do |format|
          format.json do
            render template: template,
                   status: :ok,
                   locals: locals
          end
        end
      end

      def unsuccess_response(message)
        respond_to do |format|
          format.json do
            render json: { message: message },
            status: :unprocessable_entity
          end
        end
      end
    end
  end
end
first run 2017-08-25 14:54:32 +08:00			`module ClientApi`
			`module Users`
			`class UserTeamsController < ApplicationController`
added pagination and sorting to team tables 2017-08-28 23:05:09 +08:00			`include ClientApi::Users::UserTeamsHelper`

refactor again manage user team permissions 2017-12-13 21:36:46 +08:00			`before_action :check_leave_team_permission, only: :leave_team`
			`before_action :check_manage_user_team_permission,`
			`only: %i(update_role remove_user)`
add create, update, delete user_team permission 2017-11-28 22:41:52 +08:00
first run 2017-08-25 14:54:32 +08:00			`def leave_team`
adds team members update role functionality 2017-09-12 23:30:13 +08:00			`ut_service = ClientApi::UserTeamService.new(`
			`user: current_user,`
			`team_id: params[:team],`
			`user_team_id: params[:user_team]`
			`)`
refactor leave team 2017-09-01 23:10:43 +08:00			`ut_service.destroy_user_team_and_assign_new_team_owner!`
adds team members update role functionality 2017-09-12 23:30:13 +08:00			`success_response('/client_api/teams/index', ut_service.teams_data)`
refactor leave team 2017-09-01 23:10:43 +08:00			`rescue ClientApi::CustomUserTeamError`
adds team members update role functionality 2017-09-12 23:30:13 +08:00			`unsuccess_response(t('client_api.user_teams.leave_team_error'))`
added pagination and sorting to team tables 2017-08-28 23:05:09 +08:00			`end`

adds team details view 2017-08-31 21:56:55 +08:00			`def update_role`
adds team members update role functionality 2017-09-12 23:30:13 +08:00			`ut_service = ClientApi::UserTeamService.new(`
			`user: current_user,`
			`team_id: params[:team],`
			`user_team_id: params[:user_team],`
			`role: params[:role]`
			`)`
			`ut_service.update_role!`
			`success_response('/client_api/teams/team_users',`
			`ut_service.team_users_data)`
			`rescue ClientApi::CustomUserTeamError => error`
			`unsuccess_response(error.to_s)`
added pagination and sorting to team tables 2017-08-28 23:05:09 +08:00			`end`

adds remove team action 2017-09-13 23:11:51 +08:00			`def remove_user`
			`ut_service = ClientApi::UserTeamService.new(`
			`user: current_user,`
			`team_id: params[:team],`
			`user_team_id: params[:user_team]`
			`)`
			`ut_service.destroy_user_team_and_assign_new_team_owner!`
			`success_response('/client_api/teams/team_users',`
			`ut_service.team_users_data)`
			`rescue ClientApi::CustomUserTeamError => error`
			`unsuccess_response(error.to_s)`
			`end`

adds team details view 2017-08-31 21:56:55 +08:00			`private`
added pagination and sorting to team tables 2017-08-28 23:05:09 +08:00
refactor again manage user team permissions 2017-12-13 21:36:46 +08:00			`def check_leave_team_permission`
fix failing tests 2017-12-14 17:52:13 +08:00			`return unless params[:user_team]`
refactor again manage user team permissions 2017-12-13 21:36:46 +08:00			`user_team = UserTeam.find_by_id(params[:user_team])`
			`unless current_user == user_team.user \|\| can_read_team?(user_team.team)`
			`respond_422(t('client_api.permission_error'))`
			`end`
			`end`

add create, update, delete user_team permission 2017-11-28 22:41:52 +08:00			`def check_manage_user_team_permission`
refactor again manage user team permissions 2017-12-13 21:36:46 +08:00			`user_team = UserTeam.find_by_id(params[:user_team])`
fix naming things 2018-01-05 22:15:50 +08:00			`unless can_manage_team_users?(user_team.team)`
add create, update team permission and refactor 422 respond handling in controllers 2017-12-04 18:12:35 +08:00			`respond_422(t('client_api.user_teams.permission_error'))`
add create, update, delete user_team permission 2017-11-28 22:41:52 +08:00			`end`
			`end`

adds team members update role functionality 2017-09-12 23:30:13 +08:00			`def success_response(template, locals)`
first run 2017-08-25 14:54:32 +08:00			`respond_to do \|format\|`
			`format.json do`
adds team members update role functionality 2017-09-12 23:30:13 +08:00			`render template: template,`
first run 2017-08-25 14:54:32 +08:00			`status: :ok,`
adds team details view 2017-08-31 21:56:55 +08:00			`locals: locals`
added pagination and sorting to team tables 2017-08-28 23:05:09 +08:00			`end`
			`end`
			`end`

adds team members update role functionality 2017-09-12 23:30:13 +08:00			`def unsuccess_response(message)`
added pagination and sorting to team tables 2017-08-28 23:05:09 +08:00			`respond_to do \|format\|`
			`format.json do`
adds team members update role functionality 2017-09-12 23:30:13 +08:00			`render json: { message: message },`
added pagination and sorting to team tables 2017-08-28 23:05:09 +08:00			`status: :unprocessable_entity`
first run 2017-08-25 14:54:32 +08:00			`end`
			`end`
			`end`
			`end`
			`end`
			`end`