summaryrefslogtreecommitdiff
path: root/app/controllers/concerns/membership_actions.rb
blob: 8fd4e98d557992a4105c6402f6f70456deb4e4d8 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
# frozen_string_literal: true

module MembershipActions
  include MembersPresentation
  extend ActiveSupport::Concern

  def create
    create_params = params.permit(:user_ids, :access_level, :expires_at)
    result = Members::CreateService.new(current_user, create_params.merge({ source: membershipable, invite_source: "#{plain_source_type}-members-page" })).execute

    if result[:status] == :success
      redirect_to members_page_url, notice: _('Users were successfully added.')
    else
      redirect_to members_page_url, alert: result[:message]
    end
  end

  def update
    update_params = params.require(root_params_key).permit(:access_level, :expires_at)
    member = membershipable.members_and_requesters.find(params[:id])
    result = Members::UpdateService
      .new(current_user, update_params)
      .execute(member)

    member = result[:member]

    member_data = if member.expires?
                    {
                      expires_in: helpers.distance_of_time_in_words_to_now(member.expires_at),
                      expires_soon: member.expires_soon?,
                      expires_at_formatted: member.expires_at.to_time.in_time_zone.to_s(:medium)
                    }
                  else
                    {}
                  end

    if result[:status] == :success
      render json: member_data
    else
      render json: { message: result[:message] }, status: :unprocessable_entity
    end
  end

  def destroy
    member = membershipable.members_and_requesters.find(params[:id])
    skip_subresources = !ActiveRecord::Type::Boolean.new.cast(params.delete(:remove_sub_memberships))
    # !! is used in case unassign_issuables contains empty string which would result in nil
    unassign_issuables = !!ActiveRecord::Type::Boolean.new.cast(params.delete(:unassign_issuables))

    Members::DestroyService.new(current_user).execute(member, skip_subresources: skip_subresources, unassign_issuables: unassign_issuables)

    respond_to do |format|
      format.html do
        message =
          begin
            case membershipable
            when Namespace
              if skip_subresources
                _("User was successfully removed from group.")
              else
                _("User was successfully removed from group and any subgroups and projects.")
              end
            else
              _("User was successfully removed from project.")
            end
          end

        redirect_to members_page_url, notice: message
      end

      format.js { head :ok }
    end
  end

  def request_access
    access_requester = membershipable.request_access(current_user)

    if access_requester.persisted?
      redirect_to polymorphic_path(membershipable),
                  notice: _('Your request for access has been queued for review.')
    else
      redirect_to polymorphic_path(membershipable),
                  alert: _("Your request for access could not be processed: %{error_meesage}") %
                    { error_meesage: access_requester.errors.full_messages.to_sentence }
    end
  end

  def approve_access_request
    access_requester = membershipable.requesters.find(params[:id])
    Members::ApproveAccessRequestService
      .new(current_user, params)
      .execute(access_requester)

    redirect_to members_page_url
  end

  # rubocop: disable CodeReuse/ActiveRecord
  def leave
    member = membershipable.members_and_requesters.find_by!(user_id: current_user.id)
    Members::DestroyService.new(current_user).execute(member)

    notice =
      if member.request?
        _("Your access request to the %{source_type} has been withdrawn.") % { source_type: source_type }
      else
        _("You left the \"%{membershipable_human_name}\" %{source_type}.") % { membershipable_human_name: membershipable.human_name, source_type: source_type }
      end

    respond_to do |format|
      format.html do
        redirect_path = member.request? ? member.source : [:dashboard, membershipable.class.to_s.tableize.to_sym]
        redirect_to redirect_path, notice: notice
      end

      format.json { render json: { notice: notice } }
    end
  end
  # rubocop: enable CodeReuse/ActiveRecord

  def resend_invite
    member = membershipable_members.find(params[:id])

    if member.invite?
      member.resend_invite

      redirect_to members_page_url, notice: _('The invitation was successfully resent.')
    else
      redirect_to members_page_url, alert: _('The invitation has already been accepted.')
    end
  end

  protected

  def membershipable
    raise NotImplementedError
  end

  def membershipable_members
    raise NotImplementedError
  end

  def root_params_key
    raise NotImplementedError
  end

  def members_page_url
    raise NotImplementedError
  end

  def source_type
    raise NotImplementedError
  end

  def plain_source_type
    raise NotImplementedError
  end

  def requested_relations
    case params[:with_inherited_permissions].presence
    when 'exclude'
      [:direct]
    when 'only'
      [:inherited]
    else
      [:inherited, :direct]
    end
  end
end

MembershipActions.prepend_mod_with('MembershipActions')