scinote-web/app/controllers/custom_fields_controller.rb

124 lines
3.1 KiB
Ruby
Raw Normal View History

2016-02-12 23:52:43 +08:00
class CustomFieldsController < ApplicationController
include InputSanitizeHelper
before_action :load_vars, except: :create
2016-12-09 18:58:10 +08:00
before_action :load_vars_nested, only: [:create, :destroy_html]
before_action :check_create_permissions, only: :create
2016-11-29 22:05:18 +08:00
before_action :check_update_permissions, only: :update
2016-12-09 18:58:10 +08:00
before_action :check_destroy_permissions, only: [:destroy, :destroy_html]
2016-02-12 23:52:43 +08:00
def create
@custom_field = CustomField.new(custom_field_params)
@custom_field.team = @team
2016-02-12 23:52:43 +08:00
@custom_field.user = current_user
respond_to do |format|
if @custom_field.save
2016-11-29 22:05:18 +08:00
format.json do
2016-02-12 23:52:43 +08:00
render json: {
id: @custom_field.id,
name: escape_input(@custom_field.name),
2016-12-09 18:58:10 +08:00
edit_url:
2017-03-18 00:52:15 +08:00
edit_team_custom_field_path(@team, @custom_field),
update_url:
team_custom_field_path(@team, @custom_field),
2016-12-09 18:58:10 +08:00
destroy_html_url:
team_custom_field_destroy_html_path(
@team, @custom_field
2016-12-09 18:58:10 +08:00
)
2016-02-12 23:52:43 +08:00
},
2016-11-29 22:05:18 +08:00
status: :ok
end
2016-02-12 23:52:43 +08:00
else
format.json do
render json: @custom_field.errors.to_json,
status: :unprocessable_entity
end
2016-02-12 23:52:43 +08:00
end
end
end
2017-03-18 00:52:15 +08:00
def edit
respond_to do |format|
format.json do
render json: { status: :ok }
end
end
end
2016-11-29 22:05:18 +08:00
def update
respond_to do |format|
format.json do
@custom_field.update_attributes(custom_field_params)
if @custom_field.save
render json: { status: :ok }
else
render json: @custom_field.errors.to_json,
status: :unprocessable_entity
end
end
end
end
2016-12-09 18:58:10 +08:00
def destroy_html
respond_to do |format|
format.json do
render json: {
html: render_to_string(
partial: 'samples/delete_custom_field_modal_body.html.erb',
locals: { column_index: params[:column_index] }
2016-12-09 18:58:10 +08:00
)
}
end
end
end
def destroy
@del_custom_field = @custom_field.dup
2016-12-09 18:58:10 +08:00
respond_to do |format|
format.json do
if @custom_field.destroy
2016-12-14 22:27:24 +08:00
SamplesTable.update_samples_table_state(
@del_custom_field,
params[:custom_field][:column_index]
)
2016-12-09 18:58:10 +08:00
render json: { status: :ok }
else
render json: { status: :unprocessable_entity }
end
end
end
end
2016-02-12 23:52:43 +08:00
private
2016-11-29 22:05:18 +08:00
def load_vars
@custom_field = CustomField.find_by_id(params[:id])
2016-12-09 18:58:10 +08:00
@custom_field = CustomField.find_by_id(
params[:custom_field_id]
) unless @custom_field
2016-11-29 22:05:18 +08:00
render_404 unless @custom_field
end
2016-02-12 23:52:43 +08:00
def load_vars_nested
@team = Team.find_by_id(params[:team_id])
render_404 unless @team
2016-02-12 23:52:43 +08:00
end
def check_create_permissions
render_403 unless can_create_custom_field_in_team(@team)
2016-11-29 22:05:18 +08:00
end
def check_update_permissions
render_403 unless can_edit_custom_field(@custom_field)
2016-02-12 23:52:43 +08:00
end
2016-12-09 18:58:10 +08:00
def check_destroy_permissions
render_403 unless can_delete_custom_field(@custom_field)
end
2016-02-12 23:52:43 +08:00
def custom_field_params
params.require(:custom_field).permit(:name)
end
end