aboutsummaryrefslogtreecommitdiff
path: root/app/controllers/resources_controller.rb
blob: 1cccafa9edd62f5de0d97ac85e82acba79f3fbf8 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
class ResourcesController < ApplicationController
  before_action :set_resource, only: [:new, :show, :edit, :update, :delete, :destroy]

  # GET /resources
  def index
    @resources = Resource.order(:uuid).page params[:page]
  end

  # GET /resources/new
  def new
  end

  # POST /resources
  def create
    # TODO Background job to list similar items
    # TODO If there's a match, return to user with new record or list of mergeable ones
    return 403 unless (current_user_editor? || current_user_observer?)

    classification = resource_params.delete(:classification) || { section_ids: [] }

    @resource = current_agent.resources.build(resource_params)

    respond_to do |format|
      if @resource.save
        classification[:section_ids].each { |id| @resource.classifications.find_or_create_by(section_id: id)  }
        format.html { redirect_to @resource, notice: 'Merci de votre contribution !' }
        format.json { render :show, status: :created, location: @resource }
      else
        format.html { render :new }
        format.json { render json: @resource.errors, status: :unprocessable_entity }
      end
    end
  end

  # GET /resources/:id
  def show
  end

  # GET /resources/:id/edit
  def edit
    # TODO Add a moderation queue for unauthorized but valid changes
    flash.now[:notice] = 'Please ask an editor or a maintainer to edit this resource!' unless (current_user_editor? || current_user_maintainer?)
  end

  # PATCH /resources/:id
  def update
    # Check list:
    # 1. Compare records for changes
    # 2. Validate each change
    # 3. Moderate queue or save

    return 403 unless (current_user_editor? || current_user_maintainer?)

    respond_to do |format|
      if @resource.update(resource_params)
        format.html { redirect_to @resource, notice: 'Merci de votre contribution !' }
        format.json { render :show, status: :ok, location: @resource }
      else
        format.html { render :edit }
        format.json { render json: @resource.errors, status: :unprocessable_entity }
      end
    end
  end

  # GET /resources/:id/delete
  def delete
    flash.now[:notice] = 'Please ask a maintainer to delete this resource!' unless current_user_maintainer?
  end

  # DELETE /resources/:id
  def destroy
    # Check list
    # 1. User belongs to Agent and is :maintainer?
    if !current_user_maintainer?
      msg = 'You must be a maintainer to delete resources!'
      respond_to do |format|
        format.html { redirect_to :show, notice: msg }
        format.js   { render json: '{}', status: :forbidden, message: msg }
      end
    else
      @resource.destroy
      respond_to do |format|
        format.html { redirect_to :index, notice: 'OK, resource record successfully remove.' }
        format.js   { head :no_content }
      end
    end
  end

  private

  def resource_params
    params
      .require(:resource)
      .permit(:agent_id,
              :uuid,
              :name,
              :summary,
              :description,
              :email,
              :website,
              :phone_number,
              :address,
              :postal_code,
              :city,
              :entry_number,
              :categories,
              :latitude,
              :longitude,
              classification: [ :section_ids ])
  end

  def set_resource
    @resource = Resource.find_by(uuid: params[:id]) || current_agent.resources.build
  end
end