scinote-web/app/controllers/client_api/users/user_teams_controller.rb
2018-01-05 15:15:50 +01:00

86 lines
2.7 KiB
Ruby

module ClientApi
module Users
class UserTeamsController < ApplicationController
include ClientApi::Users::UserTeamsHelper
before_action :check_leave_team_permission, only: :leave_team
before_action :check_manage_user_team_permission,
only: %i(update_role remove_user)
def leave_team
ut_service = ClientApi::UserTeamService.new(
user: current_user,
team_id: params[:team],
user_team_id: params[:user_team]
)
ut_service.destroy_user_team_and_assign_new_team_owner!
success_response('/client_api/teams/index', ut_service.teams_data)
rescue ClientApi::CustomUserTeamError
unsuccess_response(t('client_api.user_teams.leave_team_error'))
end
def update_role
ut_service = ClientApi::UserTeamService.new(
user: current_user,
team_id: params[:team],
user_team_id: params[:user_team],
role: params[:role]
)
ut_service.update_role!
success_response('/client_api/teams/team_users',
ut_service.team_users_data)
rescue ClientApi::CustomUserTeamError => error
unsuccess_response(error.to_s)
end
def remove_user
ut_service = ClientApi::UserTeamService.new(
user: current_user,
team_id: params[:team],
user_team_id: params[:user_team]
)
ut_service.destroy_user_team_and_assign_new_team_owner!
success_response('/client_api/teams/team_users',
ut_service.team_users_data)
rescue ClientApi::CustomUserTeamError => error
unsuccess_response(error.to_s)
end
private
def check_leave_team_permission
return unless params[:user_team]
user_team = UserTeam.find_by_id(params[:user_team])
unless current_user == user_team.user || can_read_team?(user_team.team)
respond_422(t('client_api.permission_error'))
end
end
def check_manage_user_team_permission
user_team = UserTeam.find_by_id(params[:user_team])
unless can_manage_team_users?(user_team.team)
respond_422(t('client_api.user_teams.permission_error'))
end
end
def success_response(template, locals)
respond_to do |format|
format.json do
render template: template,
status: :ok,
locals: locals
end
end
end
def unsuccess_response(message)
respond_to do |format|
format.json do
render json: { message: message },
status: :unprocessable_entity
end
end
end
end
end
end