scinote-web/app/controllers/api/v1/user_projects_controller.rb
2020-09-23 11:03:29 +02:00

67 lines
2 KiB
Ruby

# frozen_string_literal: true
module Api
module V1
class UserProjectsController < BaseController
before_action :load_team
before_action :load_project
before_action :load_user_project, only: :show
before_action :load_user_project_for_managing, only: %i(update destroy)
def index
user_projects = @project.user_projects
.page(params.dig(:page, :number))
.per(params.dig(:page, :size))
render jsonapi: user_projects,
each_serializer: UserProjectSerializer,
include: :user
end
def show
render jsonapi: @user_project,
serializer: UserProjectSerializer,
include: :user
end
def create
raise PermissionError.new(Project, :manage) unless can_manage_project?(@project)
user_project = @project.user_projects.create!(user_project_params.merge!(assigned_by: current_user))
render jsonapi: user_project, serializer: UserProjectSerializer, status: :created
end
def update
@user_project.role = user_project_params[:role]
return render body: nil, status: :no_content unless @user_project.changed?
@user_project.assigned_by = current_user
@user_project.save!
render jsonapi: @user_project, serializer: UserProjectSerializer, status: :ok
end
def destroy
@user_project.destroy!
render body: nil
end
private
def load_user_project
@user_project = @project.user_projects.find(params.require(:id))
end
def load_user_project_for_managing
@user_project = @project.user_projects.find(params.require(:id))
raise PermissionError.new(Project, :manage) unless can_manage_project?(@project)
end
def user_project_params
raise TypeError unless params.require(:data).require(:type) == 'user_projects'
params.require(:data).require(:attributes).permit(:user_id, :role)
end
end
end
end