
pulibrary / pdc_describe / cace366a-ffad-45f1-9b60-678e607fa527

14 May 2024 02:21PM UTC coverage: 60.862% (-35.0%) from 95.908%
cace366a-ffad-45f1-9b60-678e607fa527

push

circleci

jrgriffiniii
wip

1 of 3 new or added lines in 2 files covered. (33.33%)

1194 existing lines in 57 files now uncovered.

2076 of 3411 relevant lines covered (60.86%)

22.71 hits per line


85.96
/app/controllers/users_controller.rb
# frozen_string_literal: true
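# Lists users, renders a user's dashboard of works, and lets a user (or a super admin)
# edit that user's profile and per-group messaging preferences.
class UsersController < ApplicationController
  # Constants set by the <form> <input> parameters transmitted using POST/PATCH/PUT requests
  GROUP_MESSAGING_DISABLED = "0"
  GROUP_MESSAGING_ENABLED = "1"

  # `authenticate_user!` establishes the currently logged-in user, while `set_user` loads the
  # user that is being viewed or edited. These can be different (e.g. when an admin user is
  # editing the information of another user).
  #
  # Callbacks run in declaration order, so authentication is declared first: a request
  # without a session is turned away before `set_user` performs its lookup, and therefore
  # cannot use the redirect / lookup-failure difference in `set_user` to probe which user
  # ids exist. (`authenticate_user!` is presumably Devise's helper, which halts the chain.)
  before_action :authenticate_user!
  before_action :set_user, only: %i[show edit update]

  # Lists every user ordered by family name; a missing family name sorts as "".
  def index
    @users = User.all.sort_by { |user| user.family_name || "" }
  end

  # GET /users/1
  # Dashboard of works for @user. Only that user or a super admin may see it; any other
  # requester gets the "forbidden" template with a 403.
  def show
    @search_terms = params["q"].presence
    @can_edit = can_edit?
    @my_dashboard = current_user.id == @user.id

    unless current_user.super_admin? || @my_dashboard
      # Return immediately: previously the action kept going after rendering and still
      # loaded the three work lists for a user the requester may not view.
      # Assumes the "forbidden" template does not read those lists.
      return render("forbidden", status: :forbidden)
    end

    @unfinished_works = WorkList.unfinished_works(@user, @search_terms)
    @completed_works = WorkList.completed_works(@user, @search_terms)
    @withdrawn_works = WorkList.withdrawn_works(@user, @search_terms)
    @works_found = @unfinished_works.length + @completed_works.length + @withdrawn_works.length
  end

  # GET /users/1/edit
  # Renders the edit form when permitted; otherwise logs the attempt and redirects to the
  # user's page.
  def edit
    return if can_edit?

    # NOTE(review): the coverage report for this build marks this denial path as never
    # executed; it needs a request spec.
    Rails.logger.warn("Unauthorized to edit user #{@user.id} (current user: #{current_user.id})")
    redirect_to user_path(@user)
  end

  # PATCH/PUT /users/1 or /users/1.json
  # Applies the permitted profile attributes and messaging preferences to @user.
  # A requester who may not edit @user is logged and redirected, for HTML and JSON alike.
  def update
    unless can_edit?
      # NOTE(review): the coverage report for this build marks this denial path as never
      # executed; it needs a request spec.
      Rails.logger.warn("Unauthorized to update user #{@user.id} (current user: #{current_user.id})")
      return redirect_to(user_path(@user))
    end

    respond_to do |format|
      # Must run before @user.update: it removes :groups_with_messaging from the memoized
      # params so that key is not passed to the model as an attribute.
      update_groups_with_messaging if user_params.key?(:groups_with_messaging)

      if @user.update(user_params)
        format.html { redirect_to user_url(@user), notice: "User was successfully updated." }
        format.json { render :show, status: :ok, location: @user }
      else
        format.html { render :edit, status: :unprocessable_entity }
        format.json { render json: @user.errors, status: :unprocessable_entity }
      end
    end
  end

  private

    # Loads @user from the id in the URL and issues a permanent redirect to the same
    # action when the id used is not the record's current friendly id.
    def set_user
      user_id = user_id_from_url
      @user = User.friendly.find(user_id)
      return if @user.friendly_id == user_id

      redirect_to action: action_name, id: @user.friendly_id, status: :moved_permanently
    end

    # Returns the user id exactly as it was meant in the URL.
    def user_id_from_url
      # For external users UID is in the form `user-name@gmail.com`, however, Rails eats the ".com" from
      # the UID and dumps it into the `format` param. Here we make sure the ".com" is preserved when the
      # UID looks to be an external user id.
      external_uid = params[:id].include?("@")
      return params[:id] unless external_uid && params["format"] == "com"

      "#{params[:id]}.#{params['format']}"
    end

    # Only allow a list of trusted parameters through.
    # Memoized on purpose: `update_groups_with_messaging` mutates this same object.
    # `groups_with_messaging: {}` permits a hash with arbitrary client-chosen keys.
    def user_params
      @user_params ||= params.require(:user).permit([:given_name, :full_name, :family_name, :orcid, :email_messages_enabled, groups_with_messaging: {}])
    end

    # True when the logged-in user is @user or is a super admin.
    def can_edit?
      current_user.id == @user.id || current_user.super_admin?
    end

    # True when the submitted form value is the "enabled" marker ("1").
    def parameter_enables_messaging?(form_value)
      form_value.to_s == GROUP_MESSAGING_ENABLED
    end

    # Applies each "<group id>_<subcommunity>" => "0"/"1" pair from the form to @user and
    # removes :groups_with_messaging from the memoized params.
    def update_groups_with_messaging
      return unless user_params.key?(:groups_with_messaging)

      extracted = user_params.extract!(:groups_with_messaging)
      groups_with_messaging = extracted[:groups_with_messaging]

      groups_with_messaging.each_pair do |id, param|
        group_id, subcommunity = id.split("_")
        selected_group = Group.find_by(id: group_id)

        # The keys come straight from the request, so the id may not match any group.
        # find_by then returns nil, which used to raise NoMethodError below.
        # `inspect` keeps control characters in the client-supplied key out of the log line.
        if selected_group.nil?
          Rails.logger.warn("Ignoring messaging preference for unknown group #{id.inspect} (user: #{@user.id})")
          next
        end

        # NOTE(review): nothing here checks that @user belongs to selected_group;
        # presumably enable_messages_for / disable_messages_for enforce that - confirm.
        if parameter_enables_messaging?(param)
          selected_group.enable_messages_for(user: @user, subcommunity:)
        else
          selected_group.disable_messages_for(user: @user, subcommunity:)
        end
      end
    end
end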