rooty/fab-manager
1
0
Fork 0
mirror of https://github.com/LaCasemate/fab-manager.git synced 2025-02-21 15:54:22 +01:00
Code Issues Releases Activity

rubocop api controllers

Browse Source 
TODO:
 - events controller
 - availabilies controller
 - members controller
 - plans controller
This commit is contained in:
Sylvain 2019-01-16 16:28:25 +01:00
parent c6cf86fa5c
commit 0cd841da33
35 changed files with 353 additions and 233 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
.rubocop.yml
View File

@ -1,5 +1,5 @@
Metrics/LineLength: Metrics/LineLength:
Max: 140 Max: 130
Metrics/MethodLength: Metrics/MethodLength:
Max: 30 Max: 30
Metrics/CyclomaticComplexity: Metrics/CyclomaticComplexity:

19
app/controllers/api/auth_providers_controller.rb
View File

@ -80,17 +80,14 @@ class API::AuthProvidersController < API::ApiController
if params['auth_provider']['providable_type'] == DatabaseProvider.name if params['auth_provider']['providable_type'] == DatabaseProvider.name
params.require(:auth_provider).permit(:name, :providable_type) params.require(:auth_provider).permit(:name, :providable_type)
elsif params['auth_provider']['providable_type'] == OAuth2Provider.name elsif params['auth_provider']['providable_type'] == OAuth2Provider.name
params.require(:auth_provider).permit(:name, :providable_type, params.require(:auth_provider)
providable_attributes: [:id, :base_url, :token_endpoint, :authorization_endpoint, .permit(:name, :providable_type,
:logout_endpoint, :profile_url, :client_id, :client_secret, providable_attributes: [:id, :base_url, :token_endpoint, :authorization_endpoint, :logout_endpoint,
o_auth2_mappings_attributes: [:id, :local_model, :local_field, :profile_url, :client_id, :client_secret,
:api_field, :api_endpoint, o_auth2_mappings_attributes: [:id, :local_model, :local_field, :api_field,
:api_data_type, :_destroy, :api_endpoint, :api_data_type, :_destroy,
transformation: [:type, transformation: [:type, :format, :true_value,
:format, :false_value, mapping: %i[from to]]]])
:true_value,
:false_value,
mapping: %i[from to]]]])
end end
end end
end end

22
app/controllers/api/categories_controller.rb
View File

@ -1,13 +1,16 @@
# frozen_string_literal: true
# API Controller for resources of type Category
# Categories are used to classify Events
class API::CategoriesController < API::ApiController class API::CategoriesController < API::ApiController
before_action :authenticate_user!, except: [:index] before_action :authenticate_user!, except: [:index]
before_action :set_category, only: [:show, :update, :destroy] before_action :set_category, only: %i[show update destroy]
def index def index
@categories = Category.all @categories = Category.all
end end
def show def show; end
end
def create def create
authorize Category authorize Category
@ -39,11 +42,12 @@ class API::CategoriesController < API::ApiController
end end
private private
def set_category
@category = Category.find(params[:id])
end
def category_params def set_category
params.require(:category).permit(:name) @category = Category.find(params[:id])
end end
def category_params
params.require(:category).permit(:name)
end
end end

24
app/controllers/api/components_controller.rb
View File

@ -1,13 +1,16 @@
# frozen_string_literal: true
# API Controller for resources of type Component
# Components are used in Projects
class API::ComponentsController < API::ApiController class API::ComponentsController < API::ApiController
before_action :authenticate_user!, except: [:index, :show] before_action :authenticate_user!, except: %i[index show]
before_action :set_component, only: [:show, :update, :destroy] before_action :set_component, only: %i[show update destroy]
def index def index
@components = Component.all @components = Component.all
end end
def show def show; end
end
def create def create
authorize Component authorize Component
@ -35,11 +38,12 @@ class API::ComponentsController < API::ApiController
end end
private private
def set_component
@component = Component.find(params[:id])
end
def component_params def set_component
params.require(:component).permit(:name) @component = Component.find(params[:id])
end end
def component_params
params.require(:component).permit(:name)
end
end end

43
app/controllers/api/coupons_controller.rb
View File

@ -1,13 +1,16 @@
# frozen_string_literal: true
# API Controller for resources of type Coupon
# Coupons are used in payments
class API::CouponsController < API::ApiController class API::CouponsController < API::ApiController
before_action :authenticate_user! before_action :authenticate_user!
before_action :set_coupon, only: [:show, :update, :destroy] before_action :set_coupon, only: %i[show update destroy]
def index def index
@coupons = Coupon.all @coupons = Coupon.all
end end
def show def show; end
end
def create def create
authorize Coupon authorize Coupon
@ -22,18 +25,18 @@ class API::CouponsController < API::ApiController
def validate def validate
@coupon = Coupon.find_by(code: params[:code]) @coupon = Coupon.find_by(code: params[:code])
if @coupon.nil? if @coupon.nil?
render json: {status: 'rejected'}, status: :not_found render json: { status: 'rejected' }, status: :not_found
else else
if !current_user.admin? _user_id = if !current_user.admin?
_user_id = current_user.id current_user.id
else else
_user_id = params[:user_id] params[:user_id]
end end
amount = params[:amount].to_f * 100.0 amount = params[:amount].to_f * 100.0
status = @coupon.status(_user_id, amount) status = @coupon.status(_user_id, amount)
if status != 'active' if status != 'active'
render json: {status: status}, status: :unprocessable_entity render json: { status: status }, status: :unprocessable_entity
else else
render :validate, status: :ok, location: @coupon render :validate, status: :ok, location: @coupon
end end
@ -62,18 +65,17 @@ class API::CouponsController < API::ApiController
authorize Coupon authorize Coupon
@coupon = Coupon.find_by(code: params[:coupon_code]) @coupon = Coupon.find_by(code: params[:coupon_code])
if @coupon.nil? if @coupon.nil?
render json: {error: "no coupon with code #{params[:coupon_code]}"}, status: :not_found render json: { error: "no coupon with code #{params[:coupon_code]}" }, status: :not_found
else elsif @coupon.send_to(params[:user_id])
if @coupon.send_to(params[:user_id]) render :show, status: :ok, location: @coupon
render :show, status: :ok, location: @coupon else
else render json: @coupon.errors, status: :unprocessable_entity
render json: @coupon.errors, status: :unprocessable_entity end
end
end
end end
private private
def set_coupon def set_coupon
@coupon = Coupon.find(params[:id]) @coupon = Coupon.find(params[:id])
end end
@ -85,7 +87,8 @@ class API::CouponsController < API::ApiController
@parameters = params @parameters = params
@parameters[:coupon][:amount_off] = @parameters[:coupon][:amount_off].to_f * 100.0 if @parameters[:coupon][:amount_off] @parameters[:coupon][:amount_off] = @parameters[:coupon][:amount_off].to_f * 100.0 if @parameters[:coupon][:amount_off]
@parameters = @parameters.require(:coupon).permit(:name, :code, :percent_off, :amount_off, :validity_per_user, :valid_until, :max_usages, :active) @parameters = @parameters.require(:coupon).permit(:name, :code, :percent_off, :amount_off, :validity_per_user, :valid_until,
:max_usages, :active)
end end
end end

29
app/controllers/api/credits_controller.rb
View File

@ -1,14 +1,18 @@
# frozen_string_literal: true
# API Controller for resources of type Credit
# Credits are used to give free reservations to users
class API::CreditsController < API::ApiController class API::CreditsController < API::ApiController
before_action :authenticate_user! before_action :authenticate_user!
before_action :set_credit, only: [:show, :update, :destroy] before_action :set_credit, only: %i[show update destroy]
def index def index
authorize Credit authorize Credit
if params @credits = if params
@credits = Credit.includes(:creditable).where(params.permit(:creditable_type)) Credit.includes(:creditable).where(params.permit(:creditable_type))
else else
@credits = Credit.includes(:creditable).all Credit.includes(:creditable).all
end end
end end
def create def create
@ -37,11 +41,12 @@ class API::CreditsController < API::ApiController
end end
private private
def set_credit
@credit = Credit.find(params[:id])
end
def credit_params def set_credit
params.require(:credit).permit! @credit = Credit.find(params[:id])
end end
def credit_params
params.require(:credit).permit!
end
end end

22
app/controllers/api/custom_assets_controller.rb
View File

@ -1,10 +1,10 @@
class API::CustomAssetsController < API::ApiController # frozen_string_literal: true
before_action :authenticate_user!, only: [:index, :update, :create, :destroy]
before_action :set_custom_asset, only: [:show, :update, :destroy]
def index # API Controller for resources of type CustomAsset
#TODO GET /api/custom_assets/ # CustomAssets are used in settings
end class API::CustomAssetsController < API::ApiController
before_action :authenticate_user!, only: %i[index update create destroy]
before_action :set_custom_asset, only: %i[show update destroy]
# PUT /api/custom_assets/1/ # PUT /api/custom_assets/1/
def update def update
@ -28,14 +28,10 @@ class API::CustomAssetsController < API::ApiController
end end
# GET /api/custom_assets/1/ # GET /api/custom_assets/1/
def show def show; end
end
def destroy
#TODO DELETE /api/custom_assets/1/
end
private private
def set_custom_asset def set_custom_asset
@custom_asset = CustomAsset.find_by(name: params[:id]) @custom_asset = CustomAsset.find_by(name: params[:id])
end end
@ -45,4 +41,4 @@ class API::CustomAssetsController < API::ApiController
params.required(:custom_asset).permit(:name, custom_asset_file_attributes: [:attachment]) params.required(:custom_asset).permit(:name, custom_asset_file_attributes: [:attachment])
end end
end end

10
app/controllers/api/event_themes_controller.rb
View File

@ -1,13 +1,16 @@
# frozen_string_literal: true
# API Controller for resources of type EventTheme
# EventTheme are used to classify Events
class API::EventThemesController < API::ApiController class API::EventThemesController < API::ApiController
before_action :authenticate_user!, except: [:index] before_action :authenticate_user!, except: [:index]
before_action :set_event_theme, only: [:show, :update, :destroy] before_action :set_event_theme, only: %i[show update destroy]
def index def index
@event_themes = EventTheme.all @event_themes = EventTheme.all
end end
def show def show; end
end
def create def create
authorize EventTheme authorize EventTheme
@ -39,6 +42,7 @@ class API::EventThemesController < API::ApiController
end end
private private
def set_event_theme def set_event_theme
@event_theme = EventTheme.find(params[:id]) @event_theme = EventTheme.find(params[:id])
end end

45
app/controllers/api/exports_controller.rb
View File

@ -1,3 +1,7 @@
# frozen_string_literal: true
# API Controller for resources of type Export
# Export are used to download data tables in offline files
class API::ExportsController < API::ApiController class API::ExportsController < API::ApiController
before_action :authenticate_user! before_action :authenticate_user!
before_action :set_export, only: [:download] before_action :set_export, only: [:download]
@ -6,7 +10,9 @@ class API::ExportsController < API::ApiController
authorize @export authorize @export
if FileTest.exist?(@export.file) if FileTest.exist?(@export.file)
send_file File.join(Rails.root, @export.file), :type => 'application/vnd.openxmlformats-officedocument.spreadsheetml.sheet', :disposition => 'attachment' send_file File.join(Rails.root, @export.file),
type: 'application/vnd.openxmlformats-officedocument.spreadsheetml.sheet',
disposition: 'attachment'
else else
render text: I18n.t('errors.messages.export_not_found'), status: :not_found render text: I18n.t('errors.messages.export_not_found'), status: :not_found
end end
@ -15,38 +21,39 @@ class API::ExportsController < API::ApiController
def status def status
authorize Export authorize Export
export = Export.where({category: params[:category], export_type: params[:type], query: params[:query], key: params[:key]}) export = Export.where(category: params[:category], export_type: params[:type], query: params[:query], key: params[:key])
if params[:category] === 'users' if params[:category] == 'users'
case params[:type] case params[:type]
when 'subscriptions' when 'subscriptions'
export = export.where('created_at > ?', Subscription.maximum('updated_at')) export = export.where('created_at > ?', Subscription.maximum('updated_at'))
when 'reservations' when 'reservations'
export = export.where('created_at > ?', Reservation.maximum('updated_at')) export = export.where('created_at > ?', Reservation.maximum('updated_at'))
when 'members' when 'members'
export = export.where('created_at > ?', User.with_role(:member).maximum('updated_at')) export = export.where('created_at > ?', User.with_role(:member).maximum('updated_at'))
else else
raise ArgumentError, "Unknown export users/#{params[:type]}" raise ArgumentError, "Unknown export users/#{params[:type]}"
end end
elsif params[:category] === 'availabilities' elsif params[:category] == 'availabilities'
case params[:type] case params[:type]
when 'index' when 'index'
export = export.where('created_at > ?', Availability.maximum('updated_at')) export = export.where('created_at > ?', Availability.maximum('updated_at'))
else else
raise ArgumentError, "Unknown type availabilities/#{params[:type]}" raise ArgumentError, "Unknown type availabilities/#{params[:type]}"
end end
end end
export = export.last export = export.last
if export.nil? || !FileTest.exist?(export.file) if export.nil? || !FileTest.exist?(export.file)
render json: {exists: false, id: nil}, status: :ok render json: { exists: false, id: nil }, status: :ok
else else
render json: {exists: true, id: export.id}, status: :ok render json: { exists: true, id: export.id }, status: :ok
end end
end end
private private
def set_export def set_export
@export = Export.find(params[:id]) @export = Export.find(params[:id])
end end
end end

15
app/controllers/api/feeds_controller.rb
View File

@ -1,16 +1,19 @@
# frozen_string_literal: true
# API Controller to wrap social networks public feeds
class API::FeedsController < API::ApiController class API::FeedsController < API::ApiController
respond_to :json respond_to :json
def twitter_timelines def twitter_timelines
if params limit = if params
limit = params[:limit] params[:limit]
else else
limit = 3 3
end end
from_account = Setting.find_by(name: 'twitter_name').try(:value) || ENV['TWITTER_NAME'] from_account = Setting.find_by(name: 'twitter_name').try(:value) || ENV['TWITTER_NAME']
begin begin
@tweet_news = Feed.twitter.user_timeline(from_account, {count: limit}) @tweet_news = Feed.twitter.user_timeline(from_account, count: limit)
rescue Twitter::Error::BadRequest => e rescue Twitter::Error::BadRequest => e
STDERR.puts "[WARNING] Unable to retrieve the twitter feed, please check your ENV configuration. Details: #{e.message}" STDERR.puts "[WARNING] Unable to retrieve the twitter feed, please check your ENV configuration. Details: #{e.message}"
render status: :no_content render status: :no_content

20
app/controllers/api/groups_controller.rb
View File

@ -1,12 +1,16 @@
# frozen_string_literal: true
# API Controller for resources of type Group
# Groups are used for categorizing Users
class API::GroupsController < API::ApiController class API::GroupsController < API::ApiController
before_action :authenticate_user!, except: :index before_action :authenticate_user!, except: :index
def index def index
if current_user and current_user.admin? @groups = if current_user&.admin?
@groups = Group.all Group.all
else else
@groups = Group.where.not(slug: 'admins') Group.where.not(slug: 'admins')
end end
end end
@ -39,7 +43,7 @@ class API::GroupsController < API::ApiController
private private
def group_params def group_params
params.require(:group).permit(:name, :disabled) params.require(:group).permit(:name, :disabled)
end end
end end

24
app/controllers/api/licences_controller.rb
View File

@ -1,13 +1,16 @@
# frozen_string_literal: true
# API Controller for resources of type Licence
# Licenses are used in Projects
class API::LicencesController < API::ApiController class API::LicencesController < API::ApiController
before_action :authenticate_user!, except: [:index, :show] before_action :authenticate_user!, except: %i[index show]
before_action :set_licence, only: [:show, :update, :destroy] before_action :set_licence, only: %i[show update destroy]
def index def index
@licences = Licence.all @licences = Licence.all
end end
def show def show; end
end
def create def create
authorize Licence authorize Licence
@ -35,11 +38,12 @@ class API::LicencesController < API::ApiController
end end
private private
def set_licence
@licence = Licence.find(params[:id])
end
def licence_params def set_licence
params.require(:licence).permit(:name, :description) @licence = Licence.find(params[:id])
end end
def licence_params
params.require(:licence).permit(:name, :description)
end
end end

41
app/controllers/api/machines_controller.rb
View File

@ -1,15 +1,18 @@
# frozen_string_literal: true
# API Controller for resources of type Machine
class API::MachinesController < API::ApiController class API::MachinesController < API::ApiController
before_action :authenticate_user!, except: [:index, :show] before_action :authenticate_user!, except: %i[index show]
before_action :set_machine, only: [:update, :destroy] before_action :set_machine, only: %i[update destroy]
respond_to :json respond_to :json
def index def index
sort_by = Setting.find_by(name: 'machines_sort_by').value || 'default' sort_by = Setting.find_by(name: 'machines_sort_by').value || 'default'
if sort_by === 'default' @machines = if sort_by == 'default'
@machines = Machine.includes(:machine_image, :plans) Machine.includes(:machine_image, :plans)
else else
@machines = Machine.includes(:machine_image, :plans).order(sort_by) Machine.includes(:machine_image, :plans).order(sort_by)
end end
end end
def show def show
@ -42,22 +45,14 @@ class API::MachinesController < API::ApiController
end end
private private
def set_machine
@machine = Machine.find(params[:id])
end
def machine_params def set_machine
params.require(:machine).permit(:name, :description, :spec, :disabled, :plan_ids, plan_ids: [], machine_image_attributes: [:attachment], @machine = Machine.find(params[:id])
machine_files_attributes: [:id, :attachment, :_destroy]) end
end
def is_reserved(start_at, reservations) def machine_params
is_reserved = false params.require(:machine).permit(:name, :description, :spec, :disabled, :plan_ids,
reservations.each do |r| plan_ids: [], machine_image_attributes: [:attachment],
r.slots.each do |s| machine_files_attributes: %i[id attachment _destroy])
is_reserved = true if s.start_at == start_at end
end
end
is_reserved
end
end end

22
app/controllers/api/notifications_controller.rb
View File

@ -1,3 +1,7 @@
# frozen_string_literal: true
# API Controller for resources of type Notification
# Notifications are scoped by user
class API::NotificationsController < API::ApiController class API::NotificationsController < API::ApiController
include NotifyWith::NotificationsApi include NotifyWith::NotificationsApi
before_action :authenticate_user! before_action :authenticate_user!
@ -12,8 +16,8 @@ class API::NotificationsController < API::ApiController
break unless delete_obsoletes(@notifications) break unless delete_obsoletes(@notifications)
end end
@totals = { @totals = {
total: current_user.notifications.count, total: current_user.notifications.count,
unread: current_user.notifications.where(is_read: false).count unread: current_user.notifications.where(is_read: false).count
} }
render :index render :index
end end
@ -25,17 +29,19 @@ class API::NotificationsController < API::ApiController
break unless delete_obsoletes(@notifications) break unless delete_obsoletes(@notifications)
end end
@totals = { @totals = {
total: current_user.notifications.count, total: current_user.notifications.count,
unread: current_user.notifications.where(is_read: false).count unread: current_user.notifications.where(is_read: false).count
} }
render :index render :index
end end
def polling def polling
@notifications = current_user.notifications.where('is_read = false AND created_at >= :date', date: params[:last_poll]).order('created_at DESC') @notifications = current_user.notifications
.where('is_read = false AND created_at >= :date', date: params[:last_poll])
.order('created_at DESC')
@totals = { @totals = {
total: current_user.notifications.count, total: current_user.notifications.count,
unread: current_user.notifications.where(is_read: false).count unread: current_user.notifications.where(is_read: false).count
} }
render :index render :index
end end
@ -45,7 +51,7 @@ class API::NotificationsController < API::ApiController
def delete_obsoletes(notifications) def delete_obsoletes(notifications)
cleaned = false cleaned = false
notifications.each do |n| notifications.each do |n|
if !Module.const_get(n.attached_object_type) or !n.attached_object if !Module.const_get(n.attached_object_type) || !n.attached_object
n.destroy! n.destroy!
cleaned = true cleaned = true
end end

13
app/controllers/api/open_api_clients_controller.rb
View File

@ -1,3 +1,7 @@
# frozen_string_literal: true
# API Controller for resources of type OpenAPI::Client
# OpenAPI::Clients are used to allow access to the public API
class API::OpenAPIClientsController < API::ApiController class API::OpenAPIClientsController < API::ApiController
before_action :authenticate_user! before_action :authenticate_user!
@ -5,7 +9,7 @@ class API::OpenAPIClientsController < API::ApiController
authorize OpenAPI::Client authorize OpenAPI::Client
@clients = OpenAPI::Client.order(:created_at) @clients = OpenAPI::Client.order(:created_at)
end end
# add authorization
def create def create
@client = OpenAPI::Client.new(client_params) @client = OpenAPI::Client.new(client_params)
authorize @client authorize @client
@ -40,7 +44,8 @@ class API::OpenAPIClientsController < API::ApiController
end end
private private
def client_params
params.require(:open_api_client).permit(:name) def client_params
end params.require(:open_api_client).permit(:name)
end
end end

12
app/controllers/api/openlab_projects_controller.rb
View File

@ -1,11 +1,13 @@
# frozen_string_literal: true
# API Controller for resources of type Openlab::Projects
# Openlab::Projects are Projects shared between different instances
class API::OpenlabProjectsController < API::ApiController class API::OpenlabProjectsController < API::ApiController
PROJECTS = Openlab::Projects.new PROJECTS = Openlab::Projects.new
def index def index
begin render json: PROJECTS.search(params[:q], page: params[:page], per_page: params[:per_page]).response.body
render json: PROJECTS.search(params[:q], page: params[:page], per_page: params[:per_page]).response.body rescue StandardError
rescue StandardError render json: { errors: ['service unavailable'] }
render json: { errors: ['service unavailable'] }
end
end end
end end

14
app/controllers/api/price_categories_controller.rb
View File

@ -1,6 +1,10 @@
# frozen_string_literal: true
# API Controller for resources of type PriceCategory
# PriceCategories are used in Events
class API::PriceCategoriesController < API::ApiController class API::PriceCategoriesController < API::ApiController
before_action :authenticate_user!, only: [:update, :show, :create, :destroy] before_action :authenticate_user!, only: %i[update show create destroy]
before_action :set_price_category, only: [:show, :update, :destroy] before_action :set_price_category, only: %i[show update destroy]
def index def index
@price_categories = PriceCategory.all @price_categories = PriceCategory.all
@ -15,8 +19,7 @@ class API::PriceCategoriesController < API::ApiController
end end
end end
def show def show; end
end
def create def create
authorize PriceCategory authorize PriceCategory
@ -38,6 +41,7 @@ class API::PriceCategoriesController < API::ApiController
end end
private private
def set_price_category def set_price_category
@price_category = PriceCategory.find(params[:id]) @price_category = PriceCategory.find(params[:id])
end end
@ -45,4 +49,4 @@ class API::PriceCategoriesController < API::ApiController
def price_category_params def price_category_params
params.require(:price_category).permit(:name, :conditions) params.require(:price_category).permit(:name, :conditions)
end end
end end

51
app/controllers/api/prices_controller.rb
View File

@ -1,3 +1,7 @@
# frozen_string_literal: true
# API Controller for resources of type Price
# Prices are used in reservations (Machine, Space)
class API::PricesController < API::ApiController class API::PricesController < API::ApiController
before_action :authenticate_user! before_action :authenticate_user!
@ -6,29 +10,26 @@ class API::PricesController < API::ApiController
@prices = Price.all @prices = Price.all
if params[:priceable_type] if params[:priceable_type]
@prices = @prices.where(priceable_type: params[:priceable_type]) @prices = @prices.where(priceable_type: params[:priceable_type])
if params[:priceable_id]
@prices = @prices.where(priceable_id: params[:priceable_id]) @prices = @prices.where(priceable_id: params[:priceable_id]) if params[:priceable_id]
end
end end
if params[:plan_id] if params[:plan_id]
if params[:plan_id] =~ /no|nil|null|undefined/i plan_id = if params[:plan_id] =~ /no|nil|null|undefined/i
plan_id = nil nil
else else
plan_id = params[:plan_id] params[:plan_id]
end end
@prices = @prices.where(plan_id: plan_id) @prices = @prices.where(plan_id: plan_id)
end end
if params[:group_id] @prices = @prices.where(group_id: params[:group_id]) if params[:group_id]
@prices = @prices.where(group_id: params[:group_id])
end
end end
def update def update
authorize Price authorize Price
@price = Price.find(params[:id]) @price = Price.find(params[:id])
_price_params = price_params price_parameters = price_params
_price_params[:amount] = _price_params[:amount] * 100 price_parameters[:amount] = price_parameters[:amount] * 100
if @price.update(_price_params) if @price.update(price_parameters)
render status: :ok render status: :ok
else else
render status: :unprocessable_entity render status: :unprocessable_entity
@ -36,15 +37,22 @@ class API::PricesController < API::ApiController
end end
def compute def compute
_price_params = compute_price_params price_parameters = compute_price_params
# user # user
_user = User.find(_price_params[:user_id]) user = User.find(price_parameters[:user_id])
# reservable # reservable
if _price_params[:reservable_id].nil? if price_parameters[:reservable_id].nil?
@amount = {elements: nil, total: 0, before_coupon: 0} @amount = {elements: nil, total: 0, before_coupon: 0}
else else
_reservable = _price_params[:reservable_type].constantize.find(_price_params[:reservable_id]) reservable = price_parameters[:reservable_type].constantize.find(price_parameters[:reservable_id])
@amount = Price.compute(current_user.admin?, _user, _reservable, _price_params[:slots_attributes] || [], _price_params[:plan_id], _price_params[:nb_reserve_places], _price_params[:tickets_attributes], coupon_params[:coupon_code]) @amount = Price.compute(current_user.admin?,
user,
reservable,
price_parameters[:slots_attributes] || [],
price_parameters[:plan_id],
price_parameters[:nb_reserve_places],
price_parameters[:tickets_attributes],
coupon_params[:coupon_code])
end end
@ -56,14 +64,15 @@ class API::PricesController < API::ApiController
end end
private private
def price_params def price_params
params.require(:price).permit(:amount) params.require(:price).permit(:amount)
end end
def compute_price_params def compute_price_params
params.require(:reservation).permit(:reservable_id, :reservable_type, :plan_id, :user_id, :nb_reserve_places, params.require(:reservation).permit(:reservable_id, :reservable_type, :plan_id, :user_id, :nb_reserve_places,
tickets_attributes: [:event_price_category_id, :booked], tickets_attributes: %i[event_price_category_id booked],
slots_attributes: [:id, :start_at, :end_at, :availability_id, :offered]) slots_attributes: %i[id start_at end_at availability_id offered])
end end
def coupon_params def coupon_params

21
app/controllers/api/pricing_controller.rb
View File

@ -1,5 +1,8 @@
# frozen_string_literal: true
# API Controller for managing Plans prices
class API::PricingController < API::ApiController class API::PricingController < API::ApiController
before_action :authenticate_user!, except: [:index, :show] before_action :authenticate_user!, except: %i[index show]
def index def index
@group_pricing = Group.includes(:plans, :trainings_pricings) @group_pricing = Group.includes(:plans, :trainings_pricings)
@ -10,14 +13,14 @@ class API::PricingController < API::ApiController
if params[:training].present? if params[:training].present?
training = Training.find params[:training] training = Training.find params[:training]
params[:group_pricing].each do |group_id, amount| params[:group_pricing].each do |group_id, amount|
if training next unless training
group = Group.includes(:plans).find(group_id)
if group group = Group.includes(:plans).find(group_id)
training_pricing = group.trainings_pricings.find_or_initialize_by(training_id: training.id) next unless group
training_pricing.amount = amount * 100
training_pricing.save training_pricing = group.trainings_pricings.find_or_initialize_by(training_id: training.id)
end training_pricing.amount = amount * 100
end training_pricing.save
end end
end end
head 200 head 200

3
app/controllers/api/projects_controller.rb
View File

@ -1,3 +1,6 @@
# frozen_string_literal: true
# API Controller for resources of type Project
class API::ProjectsController < API::ApiController class API::ProjectsController < API::ApiController
before_action :authenticate_user!, except: %i[index show last_published search] before_action :authenticate_user!, except: %i[index show last_published search]
before_action :set_project, only: %i[update destroy] before_action :set_project, only: %i[update destroy]

5
app/controllers/api/reservations_controller.rb
View File

@ -1,3 +1,7 @@
# frozen_string_literal: true
# API Controller for resources of type Reservation
# Reservations are used for Training, Machine, Space and Event
class API::ReservationsController < API::ApiController class API::ReservationsController < API::ApiController
before_action :authenticate_user! before_action :authenticate_user!
before_action :set_reservation, only: %i[show update] before_action :set_reservation, only: %i[show update]
@ -46,6 +50,7 @@ class API::ReservationsController < API::ApiController
end end
private private
def set_reservation def set_reservation
@reservation = Reservation.find(params[:id]) @reservation = Reservation.find(params[:id])
end end

3
app/controllers/api/settings_controller.rb
View File

@ -1,3 +1,6 @@
# frozen_string_literal: true
# API Controller for resources of type Setting
class API::SettingsController < API::ApiController class API::SettingsController < API::ApiController
before_action :authenticate_user!, only: :update before_action :authenticate_user!, only: :update

9
app/controllers/api/slots_controller.rb
View File

@ -1,6 +1,10 @@
# frozen_string_literal: true
# API Controller for resources of type Slot
# Slots are used to cut Availabilities into reservable slots of ApplicationHelper::SLOT_DURATION minutes
class API::SlotsController < API::ApiController class API::SlotsController < API::ApiController
before_action :authenticate_user! before_action :authenticate_user!
before_action :set_slot, only: [:update, :cancel] before_action :set_slot, only: %i[update cancel]
respond_to :json respond_to :json
def update def update
@ -15,10 +19,11 @@ class API::SlotsController < API::ApiController
def cancel def cancel
authorize @slot authorize @slot
@slot.update_attributes(:canceled_at => DateTime.now) @slot.update_attributes(canceled_at: DateTime.now)
end end
private private
def set_slot def set_slot
@slot = Slot.find(params[:id]) @slot = Slot.find(params[:id])
end end

21
app/controllers/api/spaces_controller.rb
View File

@ -1,5 +1,8 @@
# frozen_string_literal: true
# API Controller for resources of type Space
class API::SpacesController < API::ApiController class API::SpacesController < API::ApiController
before_action :authenticate_user!, except: [:index, :show] before_action :authenticate_user!, except: %i[index show]
respond_to :json respond_to :json
def index def index
@ -38,12 +41,14 @@ class API::SpacesController < API::ApiController
end end
private private
def get_space
Space.friendly.find(params[:id])
end
def space_params def get_space
params.require(:space).permit(:name, :description, :characteristics, :default_places, :disabled, space_image_attributes: [:attachment], Space.friendly.find(params[:id])
space_files_attributes: [:id, :attachment, :_destroy]) end
end
def space_params
params.require(:space).permit(:name, :description, :characteristics, :default_places, :disabled,
space_image_attributes: [:attachment],
space_files_attributes: %i[id attachment _destroy])
end
end end

34
app/controllers/api/statistics_controller.rb
View File

@ -1,3 +1,6 @@
# frozen_string_literal: true
# API Controller for resources of type Space
class API::StatisticsController < API::ApiController class API::StatisticsController < API::ApiController
before_action :authenticate_user! before_action :authenticate_user!
@ -6,7 +9,7 @@ class API::StatisticsController < API::ApiController
@statistics = StatisticIndex.all @statistics = StatisticIndex.all
end end
%w(account event machine project subscription training user space).each do |path| %w[account event machine project subscription training user space].each do |path|
class_eval %{ class_eval %{
def #{path} def #{path}
authorize :statistic, :#{path}? authorize :statistic, :#{path}?
@ -27,38 +30,50 @@ class API::StatisticsController < API::ApiController
# return result # return result
render json: results render json: results
end end
}, __FILE__, __LINE__ - 20
end
%w[account event machine project subscription training user space].each do |path|
class_eval %{
def export_#{path} def export_#{path}
authorize :statistic, :export_#{path}? authorize :statistic, :export_#{path}?
export = Export.where({category:'statistics', export_type: '#{path}', query: params[:body], key: params[:type_key]}).last export = Export.where(category:'statistics', export_type: '#{path}', query: params[:body], key: params[:type_key]).last
if export.nil? || !FileTest.exist?(export.file) if export.nil? || !FileTest.exist?(export.file)
@export = Export.new({category:'statistics', export_type: '#{path}', user: current_user, query: params[:body], key: params[:type_key]}) @export = Export.new(category:'statistics',
export_type: '#{path}',
user: current_user,
query: params[:body],
key: params[:type_key])
if @export.save if @export.save
render json: {export_id: @export.id}, status: :ok render json: {export_id: @export.id}, status: :ok
else else
render json: @export.errors, status: :unprocessable_entity render json: @export.errors, status: :unprocessable_entity
end end
else else
send_file File.join(Rails.root, export.file), :type => 'application/vnd.openxmlformats-officedocument.spreadsheetml.sheet', :disposition => 'attachment' send_file File.join(Rails.root, export.file),
type: 'application/vnd.openxmlformats-officedocument.spreadsheetml.sheet',
disposition: 'attachment'
end end
end end
} }, __FILE__, __LINE__ - 22
end end
def export_global def export_global
authorize :statistic, :export_global? authorize :statistic, :export_global?
export = Export.where({category:'statistics', export_type: 'global', query: params[:body]}).last export = Export.where(category: 'statistics', export_type: 'global', query: params[:body]).last
if export.nil? || !FileTest.exist?(export.file) if export.nil? || !FileTest.exist?(export.file)
@export = Export.new({category:'statistics', export_type: 'global', user: current_user, query: params[:body]}) @export = Export.new(category: 'statistics', export_type: 'global', user: current_user, query: params[:body])
if @export.save if @export.save
render json: {export_id: @export.id}, status: :ok render json: { export_id: @export.id }, status: :ok
else else
render json: @export.errors, status: :unprocessable_entity render json: @export.errors, status: :unprocessable_entity
end end
else else
send_file File.join(Rails.root, export.file), :type => 'application/vnd.openxmlformats-officedocument.spreadsheetml.sheet', :disposition => 'attachment' send_file File.join(Rails.root, export.file),
type: 'application/vnd.openxmlformats-officedocument.spreadsheetml.sheet',
disposition: 'attachment'
end end
end end
@ -68,5 +83,4 @@ class API::StatisticsController < API::ApiController
results = Elasticsearch::Model.client.scroll scroll: params[:scroll], scroll_id: params[:scrollId] results = Elasticsearch::Model.client.scroll scroll: params[:scroll], scroll_id: params[:scrollId]
render json: results render json: results
end end
end end

8
app/controllers/api/stylesheets_controller.rb
View File

@ -1,3 +1,7 @@
# frozen_string_literal: true
# API Controller for resources of type Stylesheet
# Stylesheets are used to customize the appearance of fab-manager
class API::StylesheetsController < API::ApiController class API::StylesheetsController < API::ApiController
caches_page :show # magic happens here caches_page :show # magic happens here
@ -5,7 +9,7 @@ class API::StylesheetsController < API::ApiController
@stylesheet = Stylesheet.find(params[:id]) @stylesheet = Stylesheet.find(params[:id])
respond_to do |format| respond_to do |format|
format.html # regular ERB template format.html # regular ERB template
format.css { render :text => @stylesheet.contents, :content_type => 'text/css' } format.css { render text: @stylesheet.contents, content_type: 'text/css' }
end end
end end
end end

5
app/controllers/api/subscriptions_controller.rb
View File

@ -1,3 +1,6 @@
# frozen_string_literal: true
# API Controller for resources of type Subscription
class API::SubscriptionsController < API::ApiController class API::SubscriptionsController < API::ApiController
include FablabConfiguration include FablabConfiguration
@ -64,7 +67,7 @@ class API::SubscriptionsController < API::ApiController
params.require(:subscription).permit(:expired_at) params.require(:subscription).permit(:expired_at)
end end
# TODO refactor subscriptions logic and move this in model/validator # TODO, refactor subscriptions logic and move this in model/validator
def valid_card_token?(token) def valid_card_token?(token)
Stripe::Token.retrieve(token) Stripe::Token.retrieve(token)
rescue Stripe::InvalidRequestError => e rescue Stripe::InvalidRequestError => e

5
app/controllers/api/tags_controller.rb
View File

@ -1,3 +1,7 @@
# frozen_string_literal: true
# API Controller for resources of type Tag
# Tags are used to restrict access to Availabilities
class API::TagsController < API::ApiController class API::TagsController < API::ApiController
before_action :authenticate_user!, except: %i[index show] before_action :authenticate_user!, except: %i[index show]
@ -35,6 +39,7 @@ class API::TagsController < API::ApiController
end end
private private
def set_tag def set_tag
@tag = Tag.find(params[:id]) @tag = Tag.find(params[:id])
end end

4
app/controllers/api/themes_controller.rb
View File

@ -1,3 +1,7 @@
# frozen_string_literal: true
# API Controller for resources of type Theme
# Themes are used in Projects
class API::ThemesController < API::ApiController class API::ThemesController < API::ApiController
before_action :authenticate_user!, except: %i[index show] before_action :authenticate_user!, except: %i[index show]
before_action :set_theme, only: %i[show update destroy] before_action :set_theme, only: %i[show update destroy]

15
app/controllers/api/trainings_controller.rb
View File

@ -1,3 +1,6 @@
# frozen_string_literal: true
# API Controller for resources of type Training
class API::TrainingsController < API::ApiController class API::TrainingsController < API::ApiController
include ApplicationHelper include ApplicationHelper
@ -7,14 +10,12 @@ class API::TrainingsController < API::ApiController
def index def index
@requested_attributes = params[:requested_attributes] @requested_attributes = params[:requested_attributes]
@trainings = policy_scope(Training) @trainings = policy_scope(Training)
if params[:public_page] @trainings = @trainings.where(public_page: true) if params[:public_page]
@trainings = @trainings.where(public_page: true)
end
if attribute_requested?(@requested_attributes, 'availabilities') return unless attribute_requested?(@requested_attributes, 'availabilities')
@trainings = @trainings.includes(availabilities: [slots: [reservation: [user: %i[profile trainings]]]])
.order('availabilities.start_at DESC') @trainings = @trainings.includes(availabilities: [slots: [reservation: [user: %i[profile trainings]]]])
end .order('availabilities.start_at DESC')
end end
def show def show

9
app/controllers/api/trainings_pricings_controller.rb
View File

@ -1,3 +1,6 @@
# frozen_string_literal: true
# API Controller for managing Training prices
class API::TrainingsPricingsController < API::ApiController class API::TrainingsPricingsController < API::ApiController
before_action :authenticate_user! before_action :authenticate_user!
@ -8,9 +11,9 @@ class API::TrainingsPricingsController < API::ApiController
def update def update
if current_user.admin? if current_user.admin?
@trainings_pricing = TrainingsPricing.find(params[:id]) @trainings_pricing = TrainingsPricing.find(params[:id])
_trainings_pricing_params = trainings_pricing_params trainings_pricing_parameters = trainings_pricing_params
_trainings_pricing_params[:amount] = _trainings_pricing_params[:amount] * 100 trainings_pricing_parameters[:amount] = trainings_pricing_parameters[:amount] * 100
if @trainings_pricing.update(_trainings_pricing_params) if @trainings_pricing.update(trainings_pricing_parameters)
render status: :ok render status: :ok
else else
render status: :unprocessable_entity render status: :unprocessable_entity

3
app/controllers/api/translations_controller.rb
View File

@ -1,3 +1,6 @@
# frozen_string_literal: true
# API Controller for managing front-end translations
class API::TranslationsController < API::ApiController class API::TranslationsController < API::ApiController
before_action :set_locale before_action :set_locale

3
app/controllers/api/users_controller.rb
View File

@ -1,3 +1,6 @@
# frozen_string_literal: true
# API Controller for resources of type Users with role :partner
class API::UsersController < API::ApiController class API::UsersController < API::ApiController
before_action :authenticate_user! before_action :authenticate_user!

3
app/controllers/api/version_controller.rb
View File

@ -1,3 +1,6 @@
# frozen_string_literal: true
# API Controller to get the fab-manager version
class API::VersionController < API::ApiController class API::VersionController < API::ApiController
before_action :authenticate_user! before_action :authenticate_user!

7
app/controllers/api/wallet_controller.rb
View File

@ -1,3 +1,6 @@
# frozen_string_literal: true
# API Controller for resources of type Wallet
class API::WalletController < API::ApiController class API::WalletController < API::ApiController
before_action :authenticate_user! before_action :authenticate_user!
@ -19,9 +22,7 @@ class API::WalletController < API::ApiController
service = WalletService.new(user: current_user, wallet: @wallet) service = WalletService.new(user: current_user, wallet: @wallet)
transaction = service.credit(credit_params[:amount].to_f) transaction = service.credit(credit_params[:amount].to_f)
if transaction if transaction
if credit_params[:avoir] service.create_avoir(transaction, credit_params[:avoir_date], credit_params[:avoir_description]) if credit_params[:avoir]
service.create_avoir(transaction, credit_params[:avoir_date], credit_params[:avoir_description])
end
render :show render :show
else else
head 422 head 422