fab-manager/app/controllers/api/settings_controller.rb

# frozen_string_literal: true

# API Controller for resources of type Setting
class API::SettingsController < API::ApiController
  before_action :authenticate_user!, only: %i[update bulk_update reset]

  def index
    @settings = policy_scope(Setting.where(name: names_as_string_to_array))
  end

  def update
    authorize Setting
    @setting = Setting.find_or_initialize_by(name: params[:name])
    render status: :not_modified and return if setting_params[:value] == @setting.value
    render status: :locked, json: { error: I18n.t('settings.locked_setting') } and return unless SettingService.before_update(@setting)

    if @setting.save && @setting.history_values.create(value: setting_params[:value], invoicing_profile: current_user.invoicing_profile)
      SettingService.after_update(@setting)
      render status: :ok
    else
      render json: @setting.errors.full_messages, status: :unprocessable_entity
    end
  end

  def bulk_update
    authorize Setting

    @settings = []
    may_transaction(params[:transactional]) do
      params[:settings].each do |setting|
        next if !setting[:name] || !setting[:value]

        db_setting = Setting.find_or_initialize_by(name: setting[:name])
        if !SettingService.before_update(db_setting)
          db_setting.errors[:-] << I18n.t("settings.#{setting[:name]}") + ': ' + I18n.t('settings.locked_setting')
        elsif db_setting.save
          db_setting.history_values.create(value: setting[:value], invoicing_profile: current_user.invoicing_profile)
          SettingService.after_update(db_setting)
        end

        @settings.push db_setting
        may_rollback(params[:transactional]) if db_setting.errors.keys.count.positive?
      end
    end
  end

  def show
    authorize SettingContext.new(params[:name])

    @setting = Setting.find_or_create_by(name: params[:name])
    @show_history = params[:history] == 'true' && current_user.admin?
  end

  def test_present
    authorize SettingContext.new(params[:name])

    @setting = Setting.get(params[:name])
  end

  def reset
    authorize Setting

    setting = Setting.find_or_create_by(name: params[:name])
    render status: :locked, json: { error: 'locked setting' } and return unless SettingService.before_update(setting)

    first_val = setting.history_values.order(created_at: :asc).limit(1).first
    new_val = HistoryValue.create!(
      setting_id: setting.id,
      value: first_val.value,
      invoicing_profile_id: current_user.invoicing_profile.id
    )
    SettingService.after_update(setting)
    render json: new_val, status: :ok
  end

  private

  def setting_params
    params.require(:setting).permit(:value)
  end

  def names_as_string_to_array
    params[:names][1..-2].split(',').map(&:strip).map { |param| param[1..-2] }.map(&:strip)
  end

  # run the given block in a transaction if `should` is true. Just run it normally otherwise
  def may_transaction(should)
    if should == 'true'
      ActiveRecord::Base.transaction do
        yield
      end
    else
      yield
    end
  end

  # rollback the current DB transaction if `should` is true
  def may_rollback(should)
    raise ActiveRecord::Rollback if should == 'true'
  end
end
rubocop api controllers TODO: - events controller - availabilies controller - members controller - plans controller 2019-01-16 16:28:25 +01:00			`# frozen_string_literal: true`

			`# API Controller for resources of type Setting`
release 2.0 rc 2016-03-23 18:39:41 +01:00			`class API::SettingsController < API::ApiController`
admin set its customized html template for the home page & can reset it to factory value 2020-01-22 11:53:40 +01:00			`before_action :authenticate_user!, only: %i[update bulk_update reset]`
release 2.0 rc 2016-03-23 18:39:41 +01:00
			`def index`
secure the settings API (read) + read the openlab settings from the db 2020-06-08 15:08:07 +02:00			`@settings = policy_scope(Setting.where(name: names_as_string_to_array))`
release 2.0 rc 2016-03-23 18:39:41 +01:00			`end`

			`def update`
			`authorize Setting`
ability for the admin to set custom settings for the reservation reminders + fix settings customization confirmation message 2016-08-17 12:49:52 +02:00			`@setting = Setting.find_or_initialize_by(name: params[:name])`
improved version check - use referer from client when available - save uuid returned by hub - send uuid to hub on version check - check the version on each startup to prevent wrong sync - also: do not save a setting on API update if it has not changed 2020-04-07 17:53:19 +02:00			`render status: :not_modified and return if setting_params[:value] == @setting.value`
transactional bulk update + better error handling while configuring the payment gateway 2021-06-10 10:39:42 +02:00			`render status: :locked, json: { error: I18n.t('settings.locked_setting') } and return unless SettingService.before_update(@setting)`
improved version check - use referer from client when available - save uuid returned by hub - send uuid to hub on version check - check the version on each startup to prevent wrong sync - also: do not save a setting on API update if it has not changed 2020-04-07 17:53:19 +02:00
link HistoryValue to InvoicingProfile + improved invoices tests 2019-06-03 16:51:43 +02:00			`if @setting.save && @setting.history_values.create(value: setting_params[:value], invoicing_profile: current_user.invoicing_profile)`
many sidekiq fixes 2020-06-09 18:51:57 +02:00			`SettingService.after_update(@setting)`
release 2.0 rc 2016-03-23 18:39:41 +01:00			`render status: :ok`
			`else`
			`render json: @setting.errors.full_messages, status: :unprocessable_entity`
			`end`
			`end`

improved accounting codes settings page (1 click saves all) + improved export file name 2019-09-16 14:39:47 +02:00			`def bulk_update`
			`authorize Setting`

			`@settings = []`
transactional bulk update + better error handling while configuring the payment gateway 2021-06-10 10:39:42 +02:00			`may_transaction(params[:transactional]) do`
			`params[:settings].each do \|setting\|`
			`next if !setting[:name] \|\| !setting[:value]`

			`db_setting = Setting.find_or_initialize_by(name: setting[:name])`
			`if !SettingService.before_update(db_setting)`
			`db_setting.errors[:-] << I18n.t("settings.#{setting[:name]}") + ': ' + I18n.t('settings.locked_setting')`
			`elsif db_setting.save`
			`db_setting.history_values.create(value: setting[:value], invoicing_profile: current_user.invoicing_profile)`
			`SettingService.after_update(db_setting)`
			`end`

			`@settings.push db_setting`
			`may_rollback(params[:transactional]) if db_setting.errors.keys.count.positive?`
save & retreive stripe settings 2021-03-30 15:56:36 +02:00			`end`
improved accounting codes settings page (1 click saves all) + improved export file name 2019-09-16 14:39:47 +02:00			`end`
			`end`

release 2.0 rc 2016-03-23 18:39:41 +01:00			`def show`
secure the settings API (read) + read the openlab settings from the db 2020-06-08 15:08:07 +02:00			`authorize SettingContext.new(params[:name])`

release 2.0 rc 2016-03-23 18:39:41 +01:00			`@setting = Setting.find_or_create_by(name: params[:name])`
display VAT rates history 2019-01-14 15:00:33 +01:00			`@show_history = params[:history] == 'true' && current_user.admin?`
release 2.0 rc 2016-03-23 18:39:41 +01:00			`end`

secure the settings API (read) + read the openlab settings from the db 2020-06-08 15:08:07 +02:00			`def test_present`
			`authorize SettingContext.new(params[:name])`

			`@setting = Setting.get(params[:name])`
			`end`

admin set its customized html template for the home page & can reset it to factory value 2020-01-22 11:53:40 +01:00			`def reset`
			`authorize Setting`

			`setting = Setting.find_or_create_by(name: params[:name])`
ability to lock settings from the env vars 2020-06-15 13:20:48 +02:00			`render status: :locked, json: { error: 'locked setting' } and return unless SettingService.before_update(setting)`

admin set its customized html template for the home page & can reset it to factory value 2020-01-22 11:53:40 +01:00			`first_val = setting.history_values.order(created_at: :asc).limit(1).first`
			`new_val = HistoryValue.create!(`
			`setting_id: setting.id,`
			`value: first_val.value,`
			`invoicing_profile_id: current_user.invoicing_profile.id`
			`)`
ability to lock settings from the env vars 2020-06-15 13:20:48 +02:00			`SettingService.after_update(setting)`
admin set its customized html template for the home page & can reset it to factory value 2020-01-22 11:53:40 +01:00			`render json: new_val, status: :ok`
			`end`

release 2.0 rc 2016-03-23 18:39:41 +01:00			`private`

[ongoing] save settings history 2018-12-17 16:02:02 +01:00			`def setting_params`
			`params.require(:setting).permit(:value)`
			`end`

			`def names_as_string_to_array`
			`params[:names][1..-2].split(',').map(&:strip).map { \|param\| param[1..-2] }.map(&:strip)`
			`end`
transactional bulk update + better error handling while configuring the payment gateway 2021-06-10 10:39:42 +02:00
			# run the given block in a transaction if `should` is true. Just run it normally otherwise
			`def may_transaction(should)`
			`if should == 'true'`
			`ActiveRecord::Base.transaction do`
			`yield`
			`end`
			`else`
			`yield`
			`end`
			`end`

			# rollback the current DB transaction if `should` is true
			`def may_rollback(should)`
			`raise ActiveRecord::Rollback if should == 'true'`
			`end`
release 2.0 rc 2016-03-23 18:39:41 +01:00			`end`