fab-manager/app/controllers/api/reservations_controller.rb

# frozen_string_literal: true

# API Controller for resources of type Reservation
# Reservations are used for Training, Machine, Space and Event
class API::ReservationsController < API::ApiController
  before_action :authenticate_user!
  before_action :set_reservation, only: %i[show update]
  respond_to :json

  def index
    if params[:reservable_id] && params[:reservable_type] && params[:user_id]
      params[:user_id] = current_user.id unless current_user.admin?

      @reservations = Reservation.where(params.permit(:reservable_id, :reservable_type, :user_id))
    elsif params[:reservable_id] && params[:reservable_type] && current_user.admin?
      @reservations = Reservation.where(params.permit(:reservable_id, :reservable_type))
    else
      @reservations = []
    end
  end

  def show; end

  def create
    method = current_user.admin? ? :local : :stripe
    user_id = current_user.admin? ? reservation_params[:user_id] : current_user.id

    @reservation = Reservation.new(reservation_params)
    is_reserve = Reservations::Reserve.new(user_id)
                                      .pay_and_save(@reservation, method, coupon_params[:coupon_code])

    if is_reserve
      SubscriptionExtensionAfterReservation.new(@reservation).extend_subscription_if_eligible

      render :show, status: :created, location: @reservation
    else
      render json: @reservation.errors, status: :unprocessable_entity
    end
  rescue InvalidCouponError
    render json: { coupon_code: 'wrong coupon code or expired' }, status: :unprocessable_entity
  end

  def update
    authorize @reservation
    if @reservation.update(reservation_params)
      render :show, status: :ok, location: @reservation
    else
      render json: @reservation.errors, status: :unprocessable_entity
    end
  end

  private

  def set_reservation
    @reservation = Reservation.find(params[:id])
  end

  def reservation_params
    params.require(:reservation).permit(:user_id, :message, :reservable_id, :reservable_type, :card_token, :plan_id,
                                        :nb_reserve_places,
                                        tickets_attributes: %i[event_price_category_id booked],
                                        slots_attributes: %i[id start_at end_at availability_id offered])
  end

  def coupon_params
    params.permit(:coupon_code)
  end
end
rubocop api controllers TODO: - events controller - availabilies controller - members controller - plans controller 2019-01-16 16:28:25 +01:00			`# frozen_string_literal: true`

			`# API Controller for resources of type Reservation`
			`# Reservations are used for Training, Machine, Space and Event`
release 2.0 rc 2016-03-23 18:39:41 +01:00			`class API::ReservationsController < API::ApiController`
			`before_action :authenticate_user!`
fix reservation + subscription 2018-12-11 15:07:21 +01:00			`before_action :set_reservation, only: %i[show update]`
release 2.0 rc 2016-03-23 18:39:41 +01:00			`respond_to :json`

			`def index`
fix reservation + subscription 2018-12-11 15:07:21 +01:00			`if params[:reservable_id] && params[:reservable_type] && params[:user_id]`
refactored roles methods to match ruby conventions 2019-01-14 12:57:31 +01:00			`params[:user_id] = current_user.id unless current_user.admin?`
fix reservation + subscription 2018-12-11 15:07:21 +01:00
release 2.0 rc 2016-03-23 18:39:41 +01:00			`@reservations = Reservation.where(params.permit(:reservable_id, :reservable_type, :user_id))`
refactored roles methods to match ruby conventions 2019-01-14 12:57:31 +01:00			`elsif params[:reservable_id] && params[:reservable_type] && current_user.admin?`
release 2.0 rc 2016-03-23 18:39:41 +01:00			`@reservations = Reservation.where(params.permit(:reservable_id, :reservable_type))`
			`else`
			`@reservations = []`
			`end`
			`end`

fix reservation + subscription 2018-12-11 15:07:21 +01:00			`def show; end`
release 2.0 rc 2016-03-23 18:39:41 +01:00
			`def create`
refactored roles methods to match ruby conventions 2019-01-14 12:57:31 +01:00			`method = current_user.admin? ? :local : :stripe`
			`user_id = current_user.admin? ? reservation_params[:user_id] : current_user.id`
fix reservation + subscription 2018-12-11 15:07:21 +01:00
			`@reservation = Reservation.new(reservation_params)`
			`is_reserve = Reservations::Reserve.new(user_id)`
			`.pay_and_save(@reservation, method, coupon_params[:coupon_code])`
refacto subscription extension with first training using a service 2016-04-07 17:57:48 +02:00
fix reservation + subscription 2018-12-11 15:07:21 +01:00			`if is_reserve`
			`SubscriptionExtensionAfterReservation.new(@reservation).extend_subscription_if_eligible`

			`render :show, status: :created, location: @reservation`
			`else`
			`render json: @reservation.errors, status: :unprocessable_entity`
release 2.0 rc 2016-03-23 18:39:41 +01:00			`end`
fix reservation + subscription 2018-12-11 15:07:21 +01:00			`rescue InvalidCouponError`
			`render json: { coupon_code: 'wrong coupon code or expired' }, status: :unprocessable_entity`
release 2.0 rc 2016-03-23 18:39:41 +01:00			`end`

			`def update`
			`authorize @reservation`
			`if @reservation.update(reservation_params)`
			`render :show, status: :ok, location: @reservation`
			`else`
			`render json: @reservation.errors, status: :unprocessable_entity`
			`end`
			`end`

			`private`
rubocop api controllers TODO: - events controller - availabilies controller - members controller - plans controller 2019-01-16 16:28:25 +01:00
release 2.0 rc 2016-03-23 18:39:41 +01:00			`def set_reservation`
			`@reservation = Reservation.find(params[:id])`
			`end`

			`def reservation_params`
			`params.require(:reservation).permit(:user_id, :message, :reservable_id, :reservable_type, :card_token, :plan_id,`
[ongoing] db architecture for custom prices reservation 2016-08-25 18:41:33 +02:00			`:nb_reserve_places,`
fix reservation + subscription 2018-12-11 15:07:21 +01:00			`tickets_attributes: %i[event_price_category_id booked],`
			`slots_attributes: %i[id start_at end_at availability_id offered])`
release 2.0 rc 2016-03-23 18:39:41 +01:00			`end`
rebase coupon usage on code instead of id (more secure) 2016-08-10 15:34:47 +02:00
			`def coupon_params`
			`params.permit(:coupon_code)`
			`end`
release 2.0 rc 2016-03-23 18:39:41 +01:00			`end`