scinote-web/app/controllers/step_comments_controller.rb

class StepCommentsController < ApplicationController
  before_action :load_vars

  before_action :check_view_permissions, only: [ :index ]
  before_action :check_add_permissions, only: [ :new, :create ]
  before_action :check_edit_permissions, only: [:edit, :update]
  before_action :check_destroy_permissions, only: [:destroy]

  def index
    @comments = @step.last_comments(@last_comment_id, @per_page)

    respond_to do |format|
      format.json {
        # 'index' partial includes header and form for adding new
        # messages. 'list' partial is used for showing more
        # comments.
        partial = "index.html.erb"
        partial = "list.html.erb" if @last_comment_id > 0
        more_url = ""
        if @comments.count > 0
          more_url = url_for(step_step_comments_path(@step,
                                                     format: :json,
                                                     from: @comments.last.id))
        end
        render :json => {
          per_page: @per_page,
          results_number: @comments.length,
          more_url: more_url,
          html: render_to_string({
            partial: partial,
            locals: {
              comments: @comments,
              more_comments_url: more_url
            }
          })
        }
      }
    end
  end

  def new
    @comment = Comment.new(
      user: current_user
    )
  end

  def create
    @comment = Comment.new(
      message: comment_params[:message],
      user: current_user)

    respond_to do |format|
      if (@comment.valid? && @step.comments << @comment)

        # Generate activity (this can only occur in module,
        # but nonetheless check if my module is not nil)
        if @protocol.in_module?
          Activity.create(
            type_of: :add_comment_to_step,
            user: current_user,
            project: @step.my_module.experiment.project,
            my_module: @step.my_module,
            message: t(
              "activities.add_comment_to_step",
              user: current_user.full_name,
              step: @step.position + 1,
              step_name: @step.name
            )
          )
        end

        format.html {
          flash[:success] = t(
            "step_comments.create.success_flash",
            step: @step.name)
          redirect_to session.delete(:return_to)
        }
        format.json {
          render json: {
            html: render_to_string({
              partial: "comment.html.erb",
              locals: {
                comment: @comment
              }
            })
          },
          status: :created
        }
      else
        response.status = 400
        format.html { render :new }
        format.json {
          render json: {
            errors: @comment.errors.to_hash(true)
          }
        }
      end
    end
  end

  def edit
    @update_url = step_step_comment_path(@step, @comment, format: :json)
    respond_to do |format|
      format.json do
        render json: {
          html: render_to_string(
            partial: '/comments/edit.html.erb'
          )
        }
      end
    end
  end

  def update
    @comment.message = comment_params[:message]
    respond_to do |format|
      format.json do
        if @comment.save
          # Generate activity
          if @protocol.in_module?
            Activity.create(
              type_of: :edit_step_comment,
              user: current_user,
              project: @step.my_module.experiment.project,
              my_module: @step.my_module,
              message: t(
                'activities.edit_step_comment',
                user: current_user.full_name,
                step: @step.position + 1,
                step_name: @step.name
              )
            )
          end
          render json: {}, status: :ok
        else
          render json: { errors: @comment.errors.to_hash(true) },
                 status: :unprocessable_entity
        end
      end
    end
  end

  def destroy
    respond_to do |format|
      format.json do
        if @comment.destroy
          # Generate activity
          if @protocol.in_module?
            Activity.create(
              type_of: :delete_step_comment,
              user: current_user,
              project: @step.my_module.experiment.project,
              my_module: @step.my_module,
              message: t(
                'activities.delete_step_comment',
                user: current_user.full_name,
                step: @step.position + 1,
                step_name: @step.name
              )
            )
          end
          render json: {}, status: :ok
        else
          render json: { message: I18n.t('comments.delete_error') },
                 status: :unprocessable_entity
        end
      end
    end
  end

  private

  def load_vars
    @last_comment_id = params[:from].to_i
    @per_page = 10
    @step = Step.find_by_id(params[:step_id])
    @protocol = @step.protocol

    unless @step
      render_404
    end
  end

  def check_view_permissions
    unless can_view_step_comments(@protocol)
      render_403
    end
  end

  def check_add_permissions
    unless can_add_step_comment_in_protocol(@protocol)
      render_403
    end
  end

  def check_edit_permissions
    @comment = Comment.find_by_id(params[:id])
    render_403 unless @comment.present? &&
                      can_edit_step_comment_in_protocol(@comment)
  end

  def check_destroy_permissions
    @comment = Comment.find_by_id(params[:id])
    render_403 unless @comment.present? &&
                      can_delete_step_comment_in_protocol(@comment)
  end

  def comment_params
    params.require(:comment).permit(:message)
  end
end
Initial commit. 2016-02-12 23:52:43 +08:00			`class StepCommentsController < ApplicationController`
			`before_action :load_vars`

			`before_action :check_view_permissions, only: [ :index ]`
			`before_action :check_add_permissions, only: [ :new, :create ]`
Add edit&delete functionality to step comments This commit also: * fixes a bug in permission_helper.rb, * fixes comments.js a bit, * adds 2 more re-renders of dropdown position calculations to canvas.js and projects/index.js. 2016-08-25 16:26:40 +08:00			`before_action :check_edit_permissions, only: [:edit, :update]`
			`before_action :check_destroy_permissions, only: [:destroy]`
Initial commit. 2016-02-12 23:52:43 +08:00
			`def index`
			`@comments = @step.last_comments(@last_comment_id, @per_page)`

			`respond_to do \|format\|`
			`format.json {`
			`# 'index' partial includes header and form for adding new`
			`# messages. 'list' partial is used for showing more`
			`# comments.`
			`partial = "index.html.erb"`
			`partial = "list.html.erb" if @last_comment_id > 0`
			`more_url = ""`
			`if @comments.count > 0`
			`more_url = url_for(step_step_comments_path(@step,`
			`format: :json,`
			`from: @comments.last.id))`
			`end`
			`render :json => {`
			`per_page: @per_page,`
			`results_number: @comments.length,`
			`more_url: more_url,`
			`html: render_to_string({`
			`partial: partial,`
			`locals: {`
			`comments: @comments,`
			`more_comments_url: more_url`
			`}`
			`})`
			`}`
			`}`
			`end`
			`end`

			`def new`
			`@comment = Comment.new(`
			`user: current_user`
			`)`
			`end`

			`def create`
			`@comment = Comment.new(`
			`message: comment_params[:message],`
			`user: current_user)`

			`respond_to do \|format\|`
			`if (@comment.valid? && @step.comments << @comment)`

Migration GitLab -> GitHub 2016-07-21 19:11:15 +08:00			`# Generate activity (this can only occur in module,`
			`# but nonetheless check if my module is not nil)`
			`if @protocol.in_module?`
			`Activity.create(`
			`type_of: :add_comment_to_step,`
			`user: current_user,`
Fix step comments 2016-08-10 19:51:24 +08:00			`project: @step.my_module.experiment.project,`
Migration GitLab -> GitHub 2016-07-21 19:11:15 +08:00			`my_module: @step.my_module,`
			`message: t(`
			`"activities.add_comment_to_step",`
			`user: current_user.full_name,`
			`step: @step.position + 1,`
			`step_name: @step.name`
			`)`
Initial commit. 2016-02-12 23:52:43 +08:00			`)`
Migration GitLab -> GitHub 2016-07-21 19:11:15 +08:00			`end`
Initial commit. 2016-02-12 23:52:43 +08:00
			`format.html {`
			`flash[:success] = t(`
			`"step_comments.create.success_flash",`
			`step: @step.name)`
			`redirect_to session.delete(:return_to)`
			`}`
			`format.json {`
			`render json: {`
			`html: render_to_string({`
			`partial: "comment.html.erb",`
			`locals: {`
			`comment: @comment`
			`}`
			`})`
			`},`
			`status: :created`
			`}`
			`else`
			`response.status = 400`
			`format.html { render :new }`
			`format.json {`
			`render json: {`
			`errors: @comment.errors.to_hash(true)`
			`}`
			`}`
			`end`
			`end`
			`end`

Add edit&delete functionality to step comments This commit also: * fixes a bug in permission_helper.rb, * fixes comments.js a bit, * adds 2 more re-renders of dropdown position calculations to canvas.js and projects/index.js. 2016-08-25 16:26:40 +08:00			`def edit`
			`@update_url = step_step_comment_path(@step, @comment, format: :json)`
			`respond_to do \|format\|`
			`format.json do`
			`render json: {`
			`html: render_to_string(`
			`partial: '/comments/edit.html.erb'`
			`)`
			`}`
			`end`
			`end`
			`end`

			`def update`
			`@comment.message = comment_params[:message]`
			`respond_to do \|format\|`
			`format.json do`
			`if @comment.save`
Generate activities when editing/deleting comments 2016-08-25 19:33:42 +08:00			`# Generate activity`
			`if @protocol.in_module?`
			`Activity.create(`
			`type_of: :edit_step_comment,`
			`user: current_user,`
			`project: @step.my_module.experiment.project,`
			`my_module: @step.my_module,`
			`message: t(`
			`'activities.edit_step_comment',`
			`user: current_user.full_name,`
			`step: @step.position + 1,`
			`step_name: @step.name`
			`)`
			`)`
			`end`
Add edit&delete functionality to step comments This commit also: * fixes a bug in permission_helper.rb, * fixes comments.js a bit, * adds 2 more re-renders of dropdown position calculations to canvas.js and projects/index.js. 2016-08-25 16:26:40 +08:00			`render json: {}, status: :ok`
			`else`
			`render json: { errors: @comment.errors.to_hash(true) },`
			`status: :unprocessable_entity`
			`end`
			`end`
			`end`
			`end`

			`def destroy`
			`respond_to do \|format\|`
			`format.json do`
			`if @comment.destroy`
Generate activities when editing/deleting comments 2016-08-25 19:33:42 +08:00			`# Generate activity`
			`if @protocol.in_module?`
			`Activity.create(`
			`type_of: :delete_step_comment,`
			`user: current_user,`
			`project: @step.my_module.experiment.project,`
			`my_module: @step.my_module,`
			`message: t(`
			`'activities.delete_step_comment',`
			`user: current_user.full_name,`
			`step: @step.position + 1,`
			`step_name: @step.name`
			`)`
			`)`
			`end`
Add edit&delete functionality to step comments This commit also: * fixes a bug in permission_helper.rb, * fixes comments.js a bit, * adds 2 more re-renders of dropdown position calculations to canvas.js and projects/index.js. 2016-08-25 16:26:40 +08:00			`render json: {}, status: :ok`
			`else`
			`render json: { message: I18n.t('comments.delete_error') },`
			`status: :unprocessable_entity`
			`end`
			`end`
			`end`
			`end`

Initial commit. 2016-02-12 23:52:43 +08:00			`private`

			`def load_vars`
			`@last_comment_id = params[:from].to_i`
			`@per_page = 10`
			`@step = Step.find_by_id(params[:step_id])`
Migration GitLab -> GitHub 2016-07-21 19:11:15 +08:00			`@protocol = @step.protocol`
Initial commit. 2016-02-12 23:52:43 +08:00
			`unless @step`
			`render_404`
			`end`
			`end`

			`def check_view_permissions`
Migration GitLab -> GitHub 2016-07-21 19:11:15 +08:00			`unless can_view_step_comments(@protocol)`
Initial commit. 2016-02-12 23:52:43 +08:00			`render_403`
			`end`
			`end`

			`def check_add_permissions`
Migration GitLab -> GitHub 2016-07-21 19:11:15 +08:00			`unless can_add_step_comment_in_protocol(@protocol)`
Initial commit. 2016-02-12 23:52:43 +08:00			`render_403`
			`end`
			`end`

Add edit&delete functionality to step comments This commit also: * fixes a bug in permission_helper.rb, * fixes comments.js a bit, * adds 2 more re-renders of dropdown position calculations to canvas.js and projects/index.js. 2016-08-25 16:26:40 +08:00			`def check_edit_permissions`
			`@comment = Comment.find_by_id(params[:id])`
			`render_403 unless @comment.present? &&`
			`can_edit_step_comment_in_protocol(@comment)`
			`end`

			`def check_destroy_permissions`
			`@comment = Comment.find_by_id(params[:id])`
			`render_403 unless @comment.present? &&`
			`can_delete_step_comment_in_protocol(@comment)`
			`end`

Initial commit. 2016-02-12 23:52:43 +08:00			`def comment_params`
			`params.require(:comment).permit(:message)`
			`end`
			`end`