scinote-web/app/controllers/user_my_modules_controller.rb

# frozen_string_literal: true

class UserMyModulesController < ApplicationController
  include InputSanitizeHelper

  before_action :load_vars
  before_action :check_view_permissions, except: %i(create destroy)
  before_action :check_manage_permissions, only: %i(create destroy)

  def designated_users
    @user_my_modules = @my_module.user_my_modules

    respond_to do |format|
      format.json do
        render json: {
          html: render_to_string(
            partial: 'designated_users.html.erb'
          ),
          my_module_id: @my_module.id,
          counter: @my_module.designated_users.count # Used for counter badge
        }
      end
    end
  end

  def index
    respond_to do |format|
      format.json do
        render json: {
          html: render_to_string(
            partial: 'index.html.erb'
          )
        }
      end
    end
  end

  def index_edit
    @user_my_modules = @my_module.user_my_modules
    @undesignated_users = @my_module.undesignated_users.order(full_name: :asc)
    @new_um = UserMyModule.new(my_module: @my_module)

    respond_to do |format|
      format.json do
        render json: {
          my_module: @my_module,
          html: render_to_string(
            partial: 'index_edit.html.erb'
          )
        }
      end
    end
  end

  def create
    @um = UserMyModule.new(um_params.merge(my_module: @my_module))
    @um.assigned_by = current_user

    if @um.save
      @um.log_activity(:designate_user_to_my_module, current_user)

      respond_to do |format|
        format.json do
          if params[:table]
            render json: {
              html: render_to_string(partial: 'experiments/assigned_users.html.erb',
                                     locals: { my_module: @my_module, user: current_user, skip_unassigned: false }),
              unassign_url: my_module_user_my_module_path(@my_module, @um)
            }
          else
            render json: {
              user: {
                id: @um.user.id,
                full_name: @um.user.full_name,
                avatar_url: avatar_path(@um.user, :icon_small),
                user_module_id: @um.id
              }, status: :ok
            }
          end
        end
      end
    else
      respond_to do |format|
        format.json do
          render json: {
            errors: @um.errors
          }, status: :unprocessable_entity
        end
      end
    end
  end

  def destroy
    if @um.destroy
      @um.log_activity(:undesignate_user_from_my_module, current_user)

      respond_to do |format|
        format.json do
          if params[:table]
            render json: {
              html: render_to_string(partial: 'experiments/assigned_users.html.erb',
                                     locals: { my_module: @my_module, user: current_user, skip_unassigned: false })
            }
          else
            render json: {}, status: :ok
          end
        end
      end
    else
      respond_to do |format|
        format.json do
          render json: {
            errors: @um.errors
          }, status: :unprocessable_entity
        end
      end
    end
  end

  def search
    users = @my_module.users
                      .joins("LEFT OUTER JOIN user_my_modules ON user_my_modules.user_id = users.id "\
                             "AND user_my_modules.my_module_id = #{@my_module.id}")
                      .search(false, params[:query])
                      .order(:full_name)
                      .limit(Constants::SEARCH_LIMIT)
                      .select('users.*', 'user_my_modules.id as user_my_module_id')
                      .select('CASE WHEN user_my_modules.id IS NOT NULL '\
                              'THEN true ELSE false END as designated')

    users = users.map do |user|
      next if params[:skip_assigned] && user.designated
      next if ActiveModel::Type::Boolean.new.cast(params[:skip_unassigned]) && !user.designated

      user_hash = {
        value: user.id,
        label: escape_input(user.full_name),
        params: {
          avatar_url: avatar_path(user, :icon_small),
          designated: user.designated,
          assign_url: my_module_user_my_modules_path(@my_module)
        }
      }

      if user.designated
        user_hash[:params][:unassign_url] = my_module_user_my_module_path(@my_module, user.user_my_module_id)
      end

      user_hash
    end

    render json: users.compact
  end

  private

  def load_vars
    @my_module = MyModule.find(params[:my_module_id])
    @project = @my_module.experiment.project
    @um = UserMyModule.find(params[:id]) if action_name == 'destroy'
  rescue ActiveRecord::RecordNotFound
    render_404
  end

  def check_view_permissions
    render_403 unless can_read_my_module?(@my_module)
  end

  def check_manage_permissions
    render_403 unless can_manage_my_module_designated_users?(@my_module)
  end

  def um_params
    params.require(:user_my_module).permit(:user_id, :my_module_id)
  end
end