aboutsummaryrefslogtreecommitdiff
path: root/app/controllers
diff options
context:
space:
mode:
authorhellekin <hellekin@cepheide.org>2021-02-11 20:40:00 +0100
committerhellekin <hellekin@cepheide.org>2021-02-11 20:40:00 +0100
commite5619547d5544a043dfec173f17020b09f882a98 (patch)
treed6b127a0ea3b71d139531cfc25e2e68f558325f0 /app/controllers
parent7f65f49b5036e4318b91dfc1ecd3ca21bc8ba74a (diff)
downloadincommon-map-e5619547d5544a043dfec173f17020b09f882a98.tar.gz
[FIX] Availability of agents
Diffstat (limited to 'app/controllers')
-rw-r--r--app/controllers/agents_controller.rb10
-rw-r--r--app/controllers/resources_controller.rb12
-rw-r--r--app/controllers/welcome_controller.rb21
3 files changed, 26 insertions, 17 deletions
diff --git a/app/controllers/agents_controller.rb b/app/controllers/agents_controller.rb
index 105e443..fcbaebe 100644
--- a/app/controllers/agents_controller.rb
+++ b/app/controllers/agents_controller.rb
@@ -3,7 +3,7 @@
# SPDX-License-Identifier: AGPL-3.0-or-later
class AgentsController < ApplicationController
- before_action :set_agent, only: [:new, :show, :edit, :update, :delete, :destroy]
+ before_action :set_agent, only: [:new, :show, :edit, :update, :delete, :destroy]
# GET /agents
def index
@@ -26,7 +26,7 @@ class AgentsController < ApplicationController
# GET /agents/:id/edit
def edit
- flash.now[:notice] = 'Please ask a maintainer to edit this resource!' unless current_user_maintainer?
+ flash.now[:notice] = 'Please ask a maintainer to edit this resource!' unless current_agent == @agent
end
# PATCH /agents/:id
@@ -36,7 +36,7 @@ class AgentsController < ApplicationController
# 2. Validate each change
# 3. Moderate queue or save
- return 403 unless current_user_maintainer?
+ return 403 unless current_agent == @agent
respond_to do |format|
if @agent.update(agent_params)
@@ -51,7 +51,7 @@ class AgentsController < ApplicationController
# GET /agents/:id/delete
def delete
- flash.now[:notice] = 'Please ask a maintainer to delete your Agent!' unless current_user_maintainer?
+ flash.now[:notice] = 'Please ask a maintainer to delete your Agent!' unless current_agent == @agent
end
# DELETE /agents/:id
@@ -59,7 +59,7 @@ class AgentsController < ApplicationController
return 403 # Yeah, right?
# Check list
# 1. User belongs to Agent and is :maintainer?
- if !(current_user_maintainer? && current_user_leader?)
+ unless current_agent == @agent
msg = 'You must be a maintainer and a leader to delete your Agent!'
respond_to do |format|
format.html { redirect_to :show, notice: msg }
diff --git a/app/controllers/resources_controller.rb b/app/controllers/resources_controller.rb
index 52d89ea..2fa392f 100644
--- a/app/controllers/resources_controller.rb
+++ b/app/controllers/resources_controller.rb
@@ -18,13 +18,15 @@ class ResourcesController < ApplicationController
def create
# TODO Background job to list similar items
# TODO If there's a match, return to user with new record or list of mergeable ones
- return 403 unless (current_user_editor? || current_user_observer?)
classification = resource_params.delete(:classification) || { section_ids: [] }
+ Rails.logger.info resource_params
+
@resource = current_agent.resources.build(resource_params)
respond_to do |format|
+ Rails.logger.info "format: #{format} - Res: #{@resource.inspect}"
if @resource.save
classification[:section_ids].each { |id| @resource.classifications.find_or_create_by(section_id: id) }
format.html { redirect_to @resource, notice: 'Merci de votre contribution !' }
@@ -43,8 +45,7 @@ class ResourcesController < ApplicationController
# GET /resources/:id/edit
def edit
# TODO Add a moderation queue for unauthorized but valid changes
- flash.now[:notice] = 'Please ask an editor or a maintainer to edit this resource!' unless (current_user_editor? || current_user_maintainer?)
-
+ flash.now[:notice] = 'Please ask an editor or a maintainer to edit this resource!' unless @resource.agent == current_agent
Rails.logger.info "EDIT: #{@resource.uuid} #{@resource.name} // #{current_agent.id}"
end
@@ -56,7 +57,8 @@ class ResourcesController < ApplicationController
# 2. Validate each change
# 3. Moderate queue or save
- return 403 unless (current_user_editor? || current_user_maintainer?)
+ # TODO: pass this to current_agent and version resource
+ return 403 unless current_agent == @resource.agent
respond_to do |format|
if @resource.update(resource_params)
@@ -78,7 +80,7 @@ class ResourcesController < ApplicationController
def destroy
# Check list
# 1. User belongs to Agent and is :maintainer?
- if !current_user_maintainer?
+ if @resource.agent != current_agent
msg = 'You must be a maintainer to delete resources!'
respond_to do |format|
format.html { redirect_to :show, notice: msg }
diff --git a/app/controllers/welcome_controller.rb b/app/controllers/welcome_controller.rb
index 5fce0cf..ad9cd95 100644
--- a/app/controllers/welcome_controller.rb
+++ b/app/controllers/welcome_controller.rb
@@ -102,20 +102,27 @@ class WelcomeController < ApplicationController
# Set @current_user to existing or new User record from SSO user info
def find_or_create_current_user
- @current_user = User.find_by(external_id: @sso.user_info[:external_id]) ||
+ user_data = {
+ external_id: @sso.user_info[:external_id],
+ avatar_url: @sso.user_info[:avatar_url],
+ email: @sso.user_info[:email],
+ name: @sso.user_info[:name],
+ username: @sso.user_info[:username]
+ }
+
+ @current_user = User.find_by(external_id: user_data[:external_id]) ||
begin
Rails.logger.info('new user...')
- u = User.create(
- external_id: @sso.user_info[:external_id],
- avatar_url: @sso.user_info[:avatar_url],
- email: @sso.user_info[:email],
- name: @sso.user_info[:name],
- username: @sso.user_info[:username])
+ u = User.create(user_data)
Rails.logger.info('created user %s' % u.inspect)
u
rescue Exception => e
Rails.logger.warning("#{e.type}: #{e.message}")
end
+
+ user_data.reverse_merge!(@current_user.attributes.symbolize_keys)
+ @current_user.update(user_data) if user_data != @current_user.attributes
+ @current_user
end
# Update user agents