Create a more accurate permissions check message
[rails.git] / app / controllers / issues_controller.rb
1 class IssuesController < ApplicationController
2   layout "site"
3
4   before_action :authorize_web
5   before_action :require_user
6   before_action :set_issues
7   before_action :check_permission
8   before_action :find_issue, :only => [:show, :resolve, :reopen, :ignore]
9
10   def index
11     @title = t ".title"
12
13     if current_user.moderator?
14       @issue_types = @moderator_issues
15       @users = User.joins(:roles).where(:user_roles => { :role => "moderator" })
16     else
17       @issue_types = @admin_issues
18       @users = User.joins(:roles).where(:user_roles => { :role => "administrator" })
19     end
20
21     @issues = Issue.where(:assigned_role => current_user.roles.map(&:role))
22
23     # If search
24     if params[:search_by_user] && params[:search_by_user].present?
25       @find_user = User.find_by(:display_name => params[:search_by_user])
26       if @find_user
27         @issues = @issues.where(:reported_user_id => @find_user.id)
28       else
29         notice = t("issues.index.user_not_found")
30       end
31     end
32
33     @issues = @issues.where(:status => params[:status][0]) if params[:status] && params[:status][0].present?
34
35     @issues = @issues.where(:reportable_type => params[:issue_type][0]) if params[:issue_type] && params[:issue_type][0].present?
36
37     if params[:last_updated_by] && params[:last_updated_by][0].present?
38       last_updated_by = params[:last_updated_by][0].to_s == "nil" ? nil : params[:last_updated_by][0].to_i
39       @issues = @issues.where(:updated_by => last_updated_by)
40     end
41
42     redirect_to issues_path, :notice => notice if notice
43   end
44
45   def show
46     @read_reports = @issue.read_reports
47     @unread_reports = @issue.unread_reports
48     @comments = @issue.comments
49     @related_issues = @issue.reported_user.issues.where(:assigned_role => current_user.roles.map(&:role)) if @issue.reported_user
50     @new_comment = IssueComment.new(:issue => @issue)
51   end
52
53   # Status Transistions
54   def resolve
55     if @issue.resolve
56       @issue.save!
57       redirect_to @issue, :notice => t("issues.resolved")
58     else
59       render :show
60     end
61   end
62
63   def ignore
64     if @issue.ignore
65       @issue.updated_by = current_user.id
66       @issue.save!
67       redirect_to @issue, :notice => t("issues.ignored")
68     else
69       render :show
70     end
71   end
72
73   def reopen
74     if @issue.reopen
75       @issue.updated_by = current_user.id
76       @issue.save!
77       redirect_to @issue, :notice => t("issues.reopened")
78     else
79       render :show
80     end
81   end
82
83   private
84
85   def set_issues
86     @admin_issues = %w[DiaryEntry DiaryComment User]
87     @moderator_issues = %w[Note]
88   end
89
90   def find_issue
91     @issue = Issue.find(params[:id])
92   end
93
94   def check_permission
95     unless current_user.administrator? || current_user.moderator?
96       flash[:error] = t("application.require_moderator_or_admin.not_a_moderator_or_admin")
97       redirect_to root_path
98     end
99   end
100 end