module ClientApi module Users class InvitationsController < Devise::InvitationsController before_action :check_invite_users_permission, only: :invite_users def invite_users invite_service = ClientApi::InvitationsService.new(user: current_user, team: @team, role: params['user_role'], emails: params[:emails]) invite_results = invite_service.invitation success_response(invite_results) rescue => error respond_to do |format| format.json do render json: { message: error }, status: :unprocessable_entity end end end private def success_response(invite_results) respond_to do |format| format.json do render template: '/client_api/users/invite_users', status: :ok, locals: { invite_results: invite_results, team: @team } end end end def check_invite_users_permission @team = Team.find_by_id(params[:team_id]) if @team && !can_manage_team_users?(@team) respond_422(t('client_api.invite_users.permission_error')) end end end end end