Merge pull request #422 from DigitalCurationCentre/xsrust/bugfixes
Xsrust/bugfixes
vyruss authored Jun 14, 2017
2 parents 2244fcf + caec171 commit 2f7e4f2
Showing 17 changed files with 169 additions and 158 deletions.
4 changes: 2 additions & 2 deletions app/controllers/api/v0/guidance_groups_controller.rb
@@ -11,8 +11,8 @@ def show
end

def index
raise Pundit::NotAuthorizedError unless Api::V0::GuidanceGroupPolicy.new(@user, :guidance_group).index?
@all_viewable_groups = GuidanceGroup.all_viewable(@user)
raise Pundit::NotAuthorizedError unless Api::V0::GuidanceGroupPolicy.new(@user, :guidance_group).index?
@all_viewable_groups = GuidanceGroup.all_viewable(@user)
respond_with @all_viewable_groups
end

126 changes: 35 additions & 91 deletions app/controllers/api/v0/plans_controller.rb
@@ -1,104 +1,48 @@
module Api
module V0
class ProjectsController < Api::V0::BaseController
class PlansController < Api::V0::BaseController
before_action :authenticate

swagger_controller :projects, 'Plans'

swagger_api :create do |api|
summary 'Returns a single guidance group item'
notes 'Notes...'
param :header, 'Authentication-Token', :string, :required, 'Authentication-Token'
response :unauthorized
response :not_found
end

##
# Creates a new project based on the information passed in JSON to the API
# Creates a new plan based on the information passed in JSON to the API
def create
# find the user's api_token permissions
# then ensure that they have the permission associated with creating plans
if has_auth(constant("api_endpoint_types.plans"))
#params[:organization_id] = Org.where(name: params[:template][:organization])
# find_by returns nil if none found, find_by! raises an ActiveRecord error
org = Org.find_by name: params[:template][:organisation]

# if organization exists
if !org.nil?
# if organization is funder
if org.funder?
# if organization has only 1 template
if org.templates.length == 1
# set template id
template = org.templates.first
# else if params.template.name specified && params.template.name == one of organization's tempates
elsif !org.templates.find_by title: params[:template][:name].nil?
# set template id
template = org.templates.find_by title: params[:template][:name]
# else error: organization has more than one template and template name unspecified
else
render json: _('{"Error":"Organisation has more than one template and template name unspecified or invalid"}'), status: 400 and return
end
# else error: organization specified is not a funder
else
render json: _('{"Error":"Organisation specified is not a funder"}'), status: 400 and return
end
# else error: organization does not exist
else
render json: _('{"Error":"Organisation does not exist"}'), status: 400 and return
end

all_groups = []
# Check to see if the user specified guidances
if !params[:guidance].nil?
# for each specified guidance, see if it exists
params[:guidance][:name].each do |guidance_name|
group = GuidanceGroup.find_by(name: guidance_name)
# if it exists, add it to the guidances for the new project
if !group.nil?
all_groups = all_groups + [group]
end
end
end

# cant invite a user without having a current user because of devise :ivitable
# after we have auth, will be able to assign an :invited_by_id
user = User.find_by email: params[:project][:email]
# if user does not exist
if user.nil?
# invite user to DMPRoadmap
User.invite!({email: params[:project][:email]}, ( @user))
# set project owner to user associated w/email
user = (User.find_by email: params[:project][:email])
end

# create new project with specified parameters
@project = Plan.new
@project.title = params[:project][:title]
@project.template = template
@project.slug = params[:project][:title]
#@project.organisation = @user.organisations.first
@project.assign_creator(user.id)
@project.guidance_groups = all_groups

# if save successful, render success, otherwise show error
if @project.save
#render json: @project ,status: :created
render :show, status: :created
else
render json: get_resource.errors, status: :unprocessable_entity
end
@template = Template.live(params[:template_id])
raise Pundit::NotAuthorizedError unless Api::V0::PlansPolicy.new(@user, @template).create?

plan_user = User.find_by(email: params[:plan][:email])
# ensure user exists
if plan_user.blank?
User.invite!({email: params[:plan][:email]}, ( @user))
plan_user = User.find_by(email: params[:plan][:email])
plan_user.org = @user.org
plan_user.save
end
# ensure user's organisation is the same as api user's
raise Pundit::NotAuthorizedError, _("user must be in your organisation") unless plan_user.org == @user.org

# initialize the plan
@plan = Plan.new
@plan.principal_investigator = plan_user.surname.blank? ? nil : "#{plan_user.firstname} #{plan_user.surname}"
@plan.data_contact = plan_user.email
# set funder name to template's org, or original template's org
if @template.customization_of.nil?
@plan.funder_name = @template.org.name
else

render json: _('{"Error":"You do not have authorisation to view this endpoint"}'), status: 400 and return
@plan.funder_name = Template.where(dmptemplate_id: @template.customization_of).first.org.name
end
@plan.template = @template
@plan.title = params[:plan][:title]
if @plan.save
@plan.assign_creator(plan_user)
respond_with @plan
else
# the plan did not save
self.headers['WWW-Authenticate'] = "Token realm=\"\""
render json: _("Bad Parameters"), status: 400
end
end

# private
# def project_params
# params.require(:template).permit(:organisation, :name)
# params.require(:project).permit(:title, :email)
# end

end
end
end
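Review bot: In `create`, the record returned by `User.invite!` is thrown away and the user is looked up again with `User.find_by`, so when the invitation does not persist (for instance a missing or malformed `params[:plan][:email]`) `plan_user` is nil and `plan_user.org = @user.org` raises instead of producing a 4xx. Assigning the result, `plan_user = User.invite!({email: params[:plan][:email]}, @user)`, and returning an error when it has validation errors or when `plan_user.save` is false would close that path. The organisation check that follows answers differently for an address already registered in another organisation than for an unknown one, which tells an API client whether an account exists; a single response for both cases avoids the disclosure. The failure branch also sets `WWW-Authenticate` on a status 400 reply, a header that belongs with 401, and drops the validation errors the old code returned.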
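--- a/app/controllers/api/v0/statistics_controller.rb
+++ b/app/controllers/api/v0/statistics_controller.rb
@@ -26,10 +26,26 @@ def users_joined
 # @return the number of DMPs using the specified template between the optional specified dates
 # ensures that the template is owned/created by the caller's organisation
 def using_template
-template = Template.find(params[:id])
-raise Pundit::NotAuthorizedError unless Api::V0::StatisticsPolicy.new(@user, template).using_template?
-@template_count = restrict_date_range(template.plans).count
-respond_with @template_count
+org_templates = @user.org.templates.where(customization_of: nil)
+raise Pundit::NotAuthorizedError unless Api::V0::StatisticsPolicy.new(@user, org_templates.first).using_template?
+@templates = {}
+org_templates.each do |template|
+if @templates[template.title].blank?
+@templates[template.title] = {}
+@templates[template.title][:title] = template.title
+@templates[template.title][:id] = template.dmptemplate_id
+if template.plans.present?
+@templates[template.title][:uses] = restrict_date_range(template.plans).length
+else
+@templates[template.title][:uses] = 0
+end
+else
+if template.plans.present?
+@templates[template.title][:uses] += restrict_date_range(template.plans).length
+end
+end
+end
+respond_with @templates
 end
 
 ##
@@ -39,16 +55,28 @@ def using_template
 # as the user who ititiated the call
 def plans_by_template
 raise Pundit::NotAuthorizedError unless Api::V0::StatisticsPolicy.new(@user, :statistics).plans_by_template?
-@org_projects = []
+org_projects = []
 @user.org.users.each do |user|
 user.plans.each do |plan|
-unless @org_projects.include? plan
-@org_projects += [plan]
+unless org_projects.include? plan
+org_projects += [plan]
 end
 end
 end
-@org_projects = restrict_date_range(@org_projects)
-respond_with @org_projects
+org_projects = restrict_date_range(org_projects)
+@templates = {}
+org_projects.each do |plan|
+# if hash exists
+if @templates[plan.template.title].blank?
+@templates[plan.template.title] = {}
+@templates[plan.template.title][:title] = plan.template.title
+@templates[plan.template.title][:id] = plan.template.dmptemplate_id
+@templates[plan.template.title][:uses] = 1
+else
+@templates[plan.template.title][:uses] += 1
+end
+end
+respond_with @templates
 end
 
 ##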
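Review bot: In `using_template` the policy is now evaluated against `org_templates.first`, which is nil when the organisation has no uncustomised templates and otherwise covers only one of the records that are then reported. Since the set is already scoped through `@user.org.templates`, the check could mirror `plans_by_template` and pass the symbol, `Api::V0::StatisticsPolicy.new(@user, :statistics).using_template?`, provided the policy method does not depend on the record (the policy is not shown here). Both methods key `@templates` by `template.title`, so unrelated templates that share a title are merged under the first `dmptemplate_id`; keying by `dmptemplate_id`, which is already reported as the id, would aggregate versions without that collision. The `@return` comment above `using_template` still describes a single count for a specified template and should be updated to the list that is now returned.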
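--- a/app/controllers/api/v0/templates_controller.rb
+++ b/app/controllers/api/v0/templates_controller.rb
@@ -10,16 +10,34 @@ class TemplatesController < Api::V0::BaseController
 def index
 # check if the user has permissions to use the templates API
 raise Pundit::NotAuthorizedError unless Api::V0::TemplatePolicy.new(@user, :guidance_group).index?
+
 @org_templates = {}
-published_templates = Template.includes(:org).where(customization_of: nil, published: true).order(:org_id, :version)
-published_templates.all.each do |temp|
+
+published_templates = Template.includes(:org).valid.where(customization_of: nil, published: true).order(:org_id, :version)
+customized_templates = Template.includes(:org).valid.where(org_id: @user.org_id, published: true).where.not(customization_of: nil)
+
+published_templates.each do |temp|
+if @org_templates[temp.org].present?
+if @org_templates[temp.org][:own][temp.dmptemplate_id].nil?
+@org_templates[temp.org][:own][temp.dmptemplate_id] = temp
+end
+else
+@org_templates[temp.org] = {}
+@org_templates[temp.org][:own] = {}
+@org_templates[temp.org][:cust] = {}
+@org_templates[temp.org][:own][temp.dmptemplate_id] = temp
+end
+end
+customized_templates.each do |temp|
 if @org_templates[temp.org].present?
-if @org_templates[temp.org][temp.dmptemplate_id].nil?
-@org_templates[temp.org][temp.dmptemplate_id] = temp
+if @org_templates[temp.org][:cust][temp.dmptemplate_id].nil?
+@org_templates[temp.org][:cust][temp.dmptemplate_id] = temp
 end
 else
 @org_templates[temp.org] = {}
-@org_templates[temp.org][temp.dmptemplate_id] = temp
+@org_templates[temp.org][:own] = {}
+@org_templates[temp.org][:cust] = {}
+@org_templates[temp.org][:cust][temp.dmptemplate_id] = temp
 end
 end
 respond_with @org_templates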
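Review bot: The two loops in `index` repeat the same present/else initialisation of `@org_templates[temp.org]` and differ only in `:own` versus `:cust`, which makes the bucket structure easy to get out of step. One initialiser, `@org_templates[temp.org] ||= { own: {}, cust: {} }`, followed by `@org_templates[temp.org][:own][temp.dmptemplate_id] ||= temp` (and the `:cust` equivalent in the second loop) expresses each loop body in two lines with the same result. A short comment stating that `:own` holds published originals from every organisation while `:cust` holds only the caller organisation's customisations would document the scoping that `org_id: @user.org_id` enforces. The method's closing `end` lies outside the hunk.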
4 changes: 2 additions & 2 deletions app/models/guidance_group.rb
@@ -103,7 +103,7 @@ def self.can_view?(user, guidance_group)
# @return [Array<GuidanceGroup>] a list of all "viewable" guidance groups to a user
def self.all_viewable(user)
# first find all groups owned by the Managing Curation Center
managing_org_groups = Org.includes(:guidance_groups).managing_orgs.collect{|org| org.guidance_groups}
managing_org_groups = Org.includes(guidance_groups: [guidances: :themes]).managing_orgs.collect{|org| org.guidance_groups}

# find all groups owned by a Funder organisation
funder_groups = Org.includes(:guidance_groups).funders.collect{|org| org.guidance_groups}
@@ -112,7 +112,7 @@ def self.all_viewable(user)

# pass this organisation guidance groups to the view with respond_with @all_viewable_groups
all_viewable_groups = managing_org_groups + funder_groups + organisation_groups
all_viewable_groups = all_viewable_groups.flatten.uniq{|x| x.id}
all_viewable_groups = all_viewable_groups.flatten.uniq
return all_viewable_groups
end
end
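Review bot: The nested eager load `guidance_groups: [guidances: :themes]` is applied only to the managing-organisation query in `all_viewable`; the `funder_groups` line just below still uses `Org.includes(:guidance_groups)`, and the organisation-groups query sits between the two hunks and is not visible. The JSON view changed in this commit walks `guidances` and `themes` for every group in the result, so funder groups will presumably load them one query at a time. Passing the same argument on the funder query, `Org.includes(guidance_groups: [guidances: :themes]).funders`, would keep the loading uniform.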
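--- a/app/models/org.rb
+++ b/app/models/org.rb
@@ -26,7 +26,8 @@ class Org < ActiveRecord::Base
 :logo_file_name, :name, :target_url,
 :organisation_type_id, :wayfless_entity, :parent_id, :sort_name,
 :token_permission_type_ids, :language_id, :contact_email,
-:language, :org_type, :region, :token_permission_types
+:language, :org_type, :region, :token_permission_types,
+:guidance_group_ids, :is_other, :region_id, :logo_uid, :logo_name
 
 ##
 # Validators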
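Review bot: The added symbols extend what appears to be the model's mass-assignment whitelist (the start of the statement is above the hunk), which makes `guidance_group_ids`, `is_other`, `region_id`, `logo_uid` and `logo_name` settable from any hash passed to `Org.new` or `update_attributes`. `guidance_group_ids` is an association setter, so an unfiltered request hash could re-attach guidance groups by id. It is worth confirming that every controller writing to `Org` filters its parameters first, or restricting these attributes to a role through the `as:` option if this is `attr_accessible`. A comment beside the list such as `# association ids and logo fields: assign only from filtered params` would record that expectation.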
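--- a/app/policies/api/v0/plans_policy.rb
+++ b/app/policies/api/v0/plans_policy.rb
@@ -0,0 +1,23 @@
+module Api
+module V0
+class PlansPolicy < ApplicationPolicy
+attr_reader :user
+attr_reader :template
+
+def initialize(user, template)
+raise Pundit::NotAuthorizedError, _("must be logged in") unless user
+unless user.org.token_permission_types.include? TokenPermissionType::PLANS
+raise Pundit::NotAuthorizedError, _("must have access to plans api")
+end
+@user = user
+@template = template
+end
+
+##
+# users can create a plan if their template exists
+def create?
+@template.present?
+end
+end
+end
+end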
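Review bot: `create?` authorises on `@template.present?` alone, so any caller whose organisation holds the plans token permission may create a plan from whatever template the controller resolved; if templates are meant to be limited to the caller's organisation or to funder templates, that condition belongs in this method and should be stated in its comment. `initialize` also dereferences `user.org` without a nil check, so a user with no organisation produces a `NoMethodError` rather than `Pundit::NotAuthorizedError`. Guarding it with `org = user.org` and `unless org && org.token_permission_types.include?(TokenPermissionType::PLANS)` keeps the failure inside the authorisation path.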
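--- a/app/views/api/v0/guidance_groups/index.json.jbuilder
+++ b/app/views/api/v0/guidance_groups/index.json.jbuilder
@@ -7,4 +7,11 @@ json.guidance_groups @all_viewable_groups do |guidance_group|
 
 json.optional guidance_group.optional_subset
 json.updated guidance_group.updated_at
-end
+json.guidances guidance_group.guidances.each do |guidance|
+json.text guidance.text
+json.updated guidance.updated_at
+json.themes guidance.themes.each do |theme|
+json.title theme.title
+end
+end
+end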
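Review bot: The new `json.guidances` block serialises the text of every guidance in each viewable group with no filter on the association. Templates elsewhere in this commit are restricted with `published: true`; if guidance records carry a comparable draft or unpublished state (not visible on this page), the same restriction should apply before they reach the API response. A comment above the block, `# emits all guidances of the group; restrict to published ones if drafts exist`, would make the intended exposure explicit.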
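--- a/app/views/api/v0/plans/create.json.jbuilder
+++ b/app/views/api/v0/plans/create.json.jbuilder
@@ -2,14 +2,11 @@
 
 json.prettify!
 
-json.project do
-json.title @project.title
+json.plan do
+json.title @plan.title
+json.template @plan.template.title
 # TODO add after decision on user creation/identification
-#json.created_by @project.owner.email
-json.id @project.id
-json.created_at @project.created_at
-end
-
-# json.location do
-# json.link (url_for action: 'show', controller: 'project')
-# end
+json.created_by @plan.owner.email
+json.id @plan.id
+json.created_at @plan.created_at
+end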
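Review bot: `json.created_by @plan.owner.email` is now live, but the `# TODO add after decision on user creation/identification` comment above it was kept and no longer describes pending work; it should be removed or reworded. The line also assumes `@plan.owner` is set: in the controller changed by this commit `assign_creator` runs only after `@plan.save` and its result is not checked, so a failure there would surface as a nil error while rendering a plan that is already stored (how `owner` is derived is not visible here). `json.created_by @plan.owner.try(:email)` would keep the response intact in that case.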
7 changes: 2 additions & 5 deletions app/views/api/v0/statistics/plans.json.jbuilder
@@ -3,13 +3,10 @@ json.prettify!
json.plans @org_plans.each do |plan|
json.id plan.id
json.grant_number plan.grant_number
json.org_id plan.owner.org.id
json.title plan.title
json.template do
json.title plan.template.title
json.id plan.template.id
end
json.project do
json.title plan.title
json.id plan.template.dmptemplate_id
end
json.funder do
json.name (plan.template.org.funder? ? plan.template.org.name : '')
17 changes: 2 additions & 15 deletions app/views/api/v0/statistics/plans_by_template.json.jbuilder
@@ -1,20 +1,7 @@
json.prettify!
templates = {}
@org_projects.each do |plan|
# if hash exists
if templates[plan.template.title].blank?
templates[plan.template.title] = {}
templates[plan.template.title][:title] = plan.template.title
templates[plan.template.title][:id] = plan.template.id
templates[plan.template.title][:uses] = 1
else
templates[plan.template.title][:uses] += 1
end
end

json.templates templates.each do |template, info|
json.templates @templates.each do |template, info|
json.template_name info[:title]
json.template_id info[:id]
json.template_uses info[:uses]
end

end
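--- a/app/views/api/v0/statistics/using_template.json.jbuilder
+++ b/app/views/api/v0/statistics/using_template.json.jbuilder
@@ -1,3 +1,7 @@
 json.prettify!
 
-json.plans_using_template @template_count
+json.templates @templates.each do |template, info|
+json.template_name info[:title]
+json.template_id info[:id]
+json.template_uses info[:uses]
+end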