scinote-web/app/controllers/user_my_modules_controller.rb

169 lines
3.8 KiB
Ruby
Raw Normal View History

2016-02-12 23:52:43 +08:00
class UserMyModulesController < ApplicationController
before_action :load_vars
before_action :check_view_permissions, only: :index
before_action :check_edit_permissions, only: :index_edit
before_action :check_create_permissions, only: :create
before_action :check_delete_permisisons, only: :destroy
def index
@user_my_modules = @my_module.user_my_modules
respond_to do |format|
2016-11-22 22:19:12 +08:00
format.json do
render json: {
html: render_to_string(
partial: 'index.html.erb'
),
my_module_id: @my_module.id,
2017-05-09 16:18:57 +08:00
counter: @my_module.users.count # Used for counter badge
}
2016-11-22 22:19:12 +08:00
end
end
end
2016-02-12 23:52:43 +08:00
def index_edit
@user_my_modules = @my_module.user_my_modules
@unassigned_users = @my_module.unassigned_users
@new_um = UserMyModule.new(my_module: @my_module)
respond_to do |format|
format.json do
render json: {
my_module: @my_module,
html: render_to_string(
partial: 'index_edit.html.erb'
)
2016-02-12 23:52:43 +08:00
}
end
2016-02-12 23:52:43 +08:00
end
end
def create
@um = UserMyModule.new(um_params.merge(my_module: @my_module))
@um.assigned_by = current_user
if @um.save
# Create activity
message = t(
2017-12-20 20:39:35 +08:00
'activities.assign_user_to_module',
2016-02-12 23:52:43 +08:00
assigned_user: @um.user.full_name,
module: @my_module.name,
assigned_by_user: current_user.full_name
)
Activity.create(
user: current_user,
2016-08-03 15:34:10 +08:00
project: @um.my_module.experiment.project,
2017-04-20 16:56:25 +08:00
experiment: @um.my_module.experiment,
2016-02-12 23:52:43 +08:00
my_module: @um.my_module,
message: message,
type_of: :assign_user_to_module
)
respond_to do |format|
2017-12-20 20:39:35 +08:00
format.json do
redirect_to my_module_users_edit_path(format: :json),
turbolinks: false,
status: 303
end
2016-02-12 23:52:43 +08:00
end
else
respond_to do |format|
format.json {
render :json => {
:errors => [
flash_error]
}
}
end
end
end
def destroy
if @um.destroy
# Create activity
message = t(
"activities.unassign_user_from_module",
unassigned_user: @um.user.full_name,
module: @my_module.name,
unassigned_by_user: current_user.full_name
)
Activity.create(
user: current_user,
2016-08-03 15:34:10 +08:00
project: @um.my_module.experiment.project,
2017-04-20 16:56:25 +08:00
experiment: @um.my_module.experiment,
2016-02-12 23:52:43 +08:00
my_module: @um.my_module,
message: message,
type_of: :unassign_user_from_module
)
respond_to do |format|
format.json do
redirect_to my_module_users_edit_path(format: :json),
turbolinks: false,
status: 303
end
2016-02-12 23:52:43 +08:00
end
else
respond_to do |format|
format.json {
render :json => {
:errors => [
flash_error
]
}
}
end
end
end
private
def load_vars
@my_module = MyModule.find_by_id(params[:my_module_id])
if @my_module
2016-08-03 15:34:10 +08:00
@project = @my_module.experiment.project
2016-02-12 23:52:43 +08:00
else
render_404
end
if action_name == "destroy"
@um = UserMyModule.find_by_id(params[:id])
unless @um
render_404
end
end
end
def check_view_permissions
unless can_view_module_users(@my_module)
render_403
end
end
2016-02-12 23:52:43 +08:00
def check_edit_permissions
unless can_edit_users_on_module(@my_module)
render_403
end
end
def check_create_permissions
unless can_add_user_to_module(@my_module)
render_403
end
end
def check_delete_permisisons
unless can_remove_user_from_module(@my_module)
render_403
end
end
def init_gui
@users = @my_module.unassigned_users
end
def um_params
params.require(:user_my_module).permit(:user_id, :my_module_id)
end
end