mirror of
https://github.com/scinote-eln/scinote-web.git
synced 2025-10-29 23:46:32 +08:00
Fix API endpoints for user assignments [SCI-9150] (#6089)
* Fix project assignments API endpoint [SCI-9150] * Fix API endpoint for updating experiment assignments [SCI-9150] * Fix API endpoint for updating task assignments [SCI-9150]
This commit is contained in:
artoscinote
GitHub
parent
165b7febcf
commit
90f23cc61c
3 changed files with 136 additions and 46 deletions
|
|
@ -28,22 +28,26 @@ module Api
|
|||
end
|
||||
|
||||
def update
|
||||
user_role = UserRole.find user_assignment_params[:user_role_id]
|
||||
user = @user_assignment.user
|
||||
experiment_member = ExperimentMember.new(
|
||||
current_user,
|
||||
@experiment,
|
||||
@project,
|
||||
user,
|
||||
@user_assignment
|
||||
)
|
||||
ActiveRecord::Base.transaction do
|
||||
if @user_assignment.user_role_id == user_assignment_params[:user_role_id]
|
||||
return render body: nil, status: :no_content
|
||||
end
|
||||
|
||||
return render body: nil, status: :no_content if @user_assignment.user_role == user_role
|
||||
@user_assignment.update!(user_assignment_params.merge(assigned: :manually))
|
||||
|
||||
experiment_member.update(user_role_id: user_role.id, user_id: user.id)
|
||||
render jsonapi: experiment_member.user_assignment.reload,
|
||||
serializer: UserAssignmentSerializer,
|
||||
status: :ok
|
||||
UserAssignments::PropagateAssignmentJob.perform_later(
|
||||
@experiment,
|
||||
@user_assignment.user_id,
|
||||
@user_assignment.user_role,
|
||||
current_user.id
|
||||
)
|
||||
|
||||
log_change_activity
|
||||
|
||||
render jsonapi: @user_assignment.reload,
|
||||
serializer: UserAssignmentSerializer,
|
||||
status: :ok
|
||||
end
|
||||
end
|
||||
|
||||
private
|
||||
|
|
@ -69,6 +73,21 @@ module Api
|
|||
def permitted_includes
|
||||
%w(user user_role assignable)
|
||||
end
|
||||
|
||||
def log_change_activity
|
||||
Activities::CreateActivityService.call(
|
||||
activity_type: :change_user_role_on_experiment,
|
||||
owner: current_user,
|
||||
subject: @experiment,
|
||||
team: @project.team,
|
||||
project: @project,
|
||||
message_items: {
|
||||
experiment: @experiment.id,
|
||||
user_target: @user_assignment.user_id,
|
||||
role: @user_assignment.user_role.name
|
||||
}
|
||||
)
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
|
|||
|
|
@ -37,37 +37,99 @@ module Api
|
|||
def create
|
||||
raise PermissionError.new(Project, :manage) unless can_manage_project_users?(@project)
|
||||
|
||||
# internally we reuse the same logic as for user project assignment
|
||||
user = @team.users.find(user_project_params[:user_id])
|
||||
ActiveRecord::Base.transaction do
|
||||
user_assignment = UserAssignment.find_or_initialize_by(
|
||||
assignable: @project,
|
||||
user_id: user_project_params[:user_id],
|
||||
team: @project.team
|
||||
)
|
||||
|
||||
project_member = ProjectMember.new(user, @project, current_user)
|
||||
project_member.assign = true
|
||||
project_member.user_role_id = user_project_params[:user_role_id]
|
||||
project_member.save
|
||||
render jsonapi: project_member.user_assignment.reload,
|
||||
serializer: UserAssignmentSerializer,
|
||||
status: :created
|
||||
user_assignment.update!(
|
||||
user_role_id: user_project_params[:user_role_id],
|
||||
assigned_by: current_user,
|
||||
assigned: :manually
|
||||
)
|
||||
|
||||
log_activity(:assign_user_to_project, { user_target: user_assignment.user.id,
|
||||
role: user_assignment.user_role.name })
|
||||
propagate_job(user_assignment)
|
||||
|
||||
render jsonapi: user_assignment.reload,
|
||||
serializer: UserAssignmentSerializer,
|
||||
status: :created
|
||||
end
|
||||
end
|
||||
|
||||
def update
|
||||
user_role = UserRole.find user_project_params[:user_role_id]
|
||||
project_member = ProjectMember.new(@user_assignment.user, @project, current_user)
|
||||
# prevent role change if it would result in no manually assigned users having the user management permission
|
||||
new_user_role = UserRole.find(user_project_params[:user_role_id])
|
||||
if !new_user_role.has_permission?(ProjectPermissions::USERS_MANAGE) &&
|
||||
@user_assignment.last_with_permission?(ProjectPermissions::USERS_MANAGE, assigned: :manually)
|
||||
raise ActiveRecord::RecordInvalid
|
||||
end
|
||||
|
||||
return render body: nil, status: :no_content if project_member.user_assignment&.user_role == user_role
|
||||
return render body: nil, status: :no_content if @user_assignment&.user_role == new_user_role
|
||||
|
||||
ActiveRecord::Base.transaction do
|
||||
@user_assignment.update!(user_role: new_user_role)
|
||||
|
||||
log_activity(:change_user_role_on_project, { user_target: @user_assignment.user.id,
|
||||
role: @user_assignment.user_role.name })
|
||||
|
||||
propagate_job(@user_assignment)
|
||||
end
|
||||
|
||||
project_member.user_role_id = user_role.id
|
||||
project_member.update
|
||||
render jsonapi: @user_assignment.reload, serializer: UserAssignmentSerializer, status: :ok
|
||||
end
|
||||
|
||||
def destroy
|
||||
project_member = ProjectMember.new(@user_assignment.user, @project, current_user)
|
||||
project_member.destroy
|
||||
# prevent deletion of last manually assigned user that can manage users
|
||||
if @user_assignment.last_with_permission?(ProjectPermissions::USERS_MANAGE, assigned: :manually)
|
||||
raise ActiveRecord::RecordInvalid
|
||||
end
|
||||
|
||||
ActiveRecord::Base.transaction do
|
||||
if @project.visible?
|
||||
@user_assignment.update!(
|
||||
user_role: @project.default_public_user_role,
|
||||
assigned: :automatically
|
||||
)
|
||||
else
|
||||
@user_assignment.destroy!
|
||||
end
|
||||
|
||||
propagate_job(@user_assignment, destroy: true)
|
||||
log_activity(:unassign_user_from_project, { user_target: @user_assignment.user.id,
|
||||
role: @user_assignment.user_role.name })
|
||||
end
|
||||
|
||||
render body: nil
|
||||
end
|
||||
|
||||
private
|
||||
|
||||
def propagate_job(user_assignment, destroy: false)
|
||||
UserAssignments::PropagateAssignmentJob.perform_later(
|
||||
@project,
|
||||
user_assignment.user.id,
|
||||
user_assignment.user_role,
|
||||
current_user.id,
|
||||
destroy: destroy
|
||||
)
|
||||
end
|
||||
|
||||
def log_activity(type_of, message_items = {})
|
||||
message_items = { project: @project.id }.merge(message_items)
|
||||
|
||||
Activities::CreateActivityService
|
||||
.call(activity_type: type_of,
|
||||
owner: current_user,
|
||||
subject: @project,
|
||||
team: @project.team,
|
||||
project: @project,
|
||||
message_items: message_items)
|
||||
end
|
||||
|
||||
def check_read_permissions
|
||||
# team admins can always manage users, so they should also be able to read them
|
||||
unless can_read_project_users?(@project) || can_manage_project_users?(@project)
|
||||
|
|
|
|||
|
|
@ -28,24 +28,18 @@ module Api
|
|||
end
|
||||
|
||||
def update
|
||||
user_role = UserRole.find user_assignment_params[:user_role_id]
|
||||
user = @user_assignment.user
|
||||
my_module_member = MyModuleMember.new(
|
||||
current_user,
|
||||
@task,
|
||||
@experiment,
|
||||
@project,
|
||||
user,
|
||||
@user_assignment
|
||||
)
|
||||
ActiveRecord::Base.transaction do
|
||||
if @user_assignment.user_role_id == user_assignment_params[:user_role_id]
|
||||
return render body: nil, status: :no_content
|
||||
end
|
||||
|
||||
return render body: nil, status: :no_content if @user_assignment.user_role == user_role
|
||||
@user_assignment.update!(user_assignment_params.merge(assigned: :manually))
|
||||
log_change_activity
|
||||
|
||||
my_module_member.update(user_role_id: user_role.id, user_id: user.id)
|
||||
|
||||
render jsonapi: my_module_member.user_assignment.reload,
|
||||
serializer: UserAssignmentSerializer,
|
||||
status: :ok
|
||||
render jsonapi: @user_assignment.reload,
|
||||
serializer: UserAssignmentSerializer,
|
||||
status: :ok
|
||||
end
|
||||
end
|
||||
|
||||
private
|
||||
|
|
@ -71,6 +65,21 @@ module Api
|
|||
def permitted_includes
|
||||
%w(user user_role assignable)
|
||||
end
|
||||
|
||||
def log_change_activity
|
||||
Activities::CreateActivityService.call(
|
||||
activity_type: :change_user_role_on_my_module,
|
||||
owner: current_user,
|
||||
subject: @task,
|
||||
team: @project.team,
|
||||
project: @project,
|
||||
message_items: {
|
||||
my_module: @task.id,
|
||||
user_target: @user_assignment.user_id,
|
||||
role: @user_assignment.user_role.name
|
||||
}
|
||||
)
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue