2016-10-17 00:22:00 +00:00
|
|
|
# frozen_string_literal: true
|
2017-11-25 19:23:47 +00:00
|
|
|
|
2016-10-17 00:22:00 +00:00
|
|
|
class AccessController < ApplicationController
|
2018-01-20 22:10:26 +00:00
|
|
|
before_action :require_user, only: %i[access access_request
|
2017-11-25 19:23:47 +00:00
|
|
|
approve_access approve_access_post
|
2018-01-20 22:10:26 +00:00
|
|
|
deny_access deny_access_post request_access]
|
|
|
|
before_action :set_map, only: %i[access access_request
|
2017-11-25 19:23:47 +00:00
|
|
|
approve_access approve_access_post
|
2018-01-20 22:10:26 +00:00
|
|
|
deny_access deny_access_post request_access]
|
2016-10-17 00:22:00 +00:00
|
|
|
after_action :verify_authorized
|
|
|
|
|
|
|
|
# GET maps/:id/request_access
|
|
|
|
def request_access
|
|
|
|
@map = nil
|
|
|
|
respond_to do |format|
|
|
|
|
format.html do
|
|
|
|
render 'maps/request_access'
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
# POST maps/:id/access_request
|
|
|
|
def access_request
|
2017-02-09 21:53:19 +00:00
|
|
|
AccessRequest.create(user: current_user, map: @map)
|
2016-10-17 00:22:00 +00:00
|
|
|
respond_to do |format|
|
2016-12-08 19:39:41 +00:00
|
|
|
format.json { head :ok }
|
2016-10-17 00:22:00 +00:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
# POST maps/:id/access
|
|
|
|
def access
|
2016-11-08 17:37:06 +00:00
|
|
|
user_ids = params[:access].to_a.map(&:to_i) || []
|
2016-10-17 00:22:00 +00:00
|
|
|
|
2017-02-09 21:53:19 +00:00
|
|
|
@map.add_new_collaborators(user_ids)
|
2016-10-17 00:22:00 +00:00
|
|
|
@map.remove_old_collaborators(user_ids)
|
|
|
|
|
|
|
|
respond_to do |format|
|
2016-12-08 19:39:41 +00:00
|
|
|
format.json { head :ok }
|
2016-10-17 00:22:00 +00:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
# GET maps/:id/approve_access/:request_id
|
|
|
|
def approve_access
|
|
|
|
request = AccessRequest.find(params[:request_id])
|
2016-12-09 17:04:17 +00:00
|
|
|
request.approve # also marks mailboxer notification as read
|
2016-10-17 00:22:00 +00:00
|
|
|
respond_to do |format|
|
|
|
|
format.html { redirect_to map_path(@map), notice: 'Request was approved' }
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
# GET maps/:id/deny_access/:request_id
|
|
|
|
def deny_access
|
|
|
|
request = AccessRequest.find(params[:request_id])
|
2016-12-09 17:04:17 +00:00
|
|
|
request.deny # also marks mailboxer notification as read
|
2016-10-17 00:22:00 +00:00
|
|
|
respond_to do |format|
|
|
|
|
format.html { redirect_to map_path(@map), notice: 'Request was turned down' }
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
# POST maps/:id/approve_access/:request_id
|
|
|
|
def approve_access_post
|
|
|
|
request = AccessRequest.find(params[:request_id])
|
2016-11-01 03:18:27 +00:00
|
|
|
request.approve
|
2016-10-17 00:22:00 +00:00
|
|
|
respond_to do |format|
|
2017-02-11 14:06:01 +00:00
|
|
|
format.js
|
2016-10-17 00:22:00 +00:00
|
|
|
format.json do
|
|
|
|
head :ok
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
# POST maps/:id/deny_access/:request_id
|
|
|
|
def deny_access_post
|
|
|
|
request = AccessRequest.find(params[:request_id])
|
2016-11-01 03:18:27 +00:00
|
|
|
request.deny
|
2016-10-17 00:22:00 +00:00
|
|
|
respond_to do |format|
|
2017-02-11 14:06:01 +00:00
|
|
|
format.js
|
2016-10-17 00:22:00 +00:00
|
|
|
format.json do
|
|
|
|
head :ok
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
private
|
|
|
|
|
|
|
|
def set_map
|
|
|
|
@map = Map.find(params[:id])
|
|
|
|
authorize @map
|
|
|
|
end
|
|
|
|
end
|