11c952aa-d8e8-4073-941a-ba08eee9b0bb

Committed 24 Sep 2024 03:41PM UTC coverage: 70.281% (-28.5%) from 98.795%

Build # 11c952aa-d8e8-4073-941a-ba08eee9b0bb

Build Type

push

circleci

Committed by

jrgriffiniii

Commit Message

wip

Run Details

525 of 747 relevant lines covered (70.28%)

9.14 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

52.07

/app/controllers/waiver_infos_controller.rb

# frozen_string_literal: true

class WaiverInfosController < ApplicationController
  before_action :authenticate_account!
  before_action :set_waiver_info, only: %i[show show_mail]
  before_action :ensure_user_owns_waiver_info, only: %i[show show_mail]
  respond_to :html

  # GET /admin/waivers/match/:search_term
  # params :page, :per_page
  def solr_search_words
    args = stripped_args(params, :dont_keep_empties)
    search_term = args["search_term"] || ""

    page = params[:page]
    per_page = params[:per_page] || WaiverInfo.per_page

    waiver_infos = if search_term.length > 1
                     search = WaiverInfo.search_with_words(search_term, page, per_page)
                     search.results
                   else
                     models = WaiverInfo.all
                     models.paginate(page: page, per_page: per_page)
                   end

    do_solr_index(search_term, waiver_infos)
    render(:index)
  end

  # POST /admin/waivers/match
  def solr_search_words_post
    search_term_param = params["search_term"] || ""
    search_term = search_term_param.gsub(%r{[.&/]}, " ")

    redirect_to action: :solr_search_words, search_term: search_term
  end

  # GET waivers
  def index
    models = WaiverInfo.all

    @properties = {}
    @search_term = ""
    @waiver_infos = models.paginate(page: params[:page], per_page: params[:per_page])

    render(:index)
  end

  # GET waiver/requester/me
  def index_mine
    models = if current_account_admin?
               WaiverInfo.all
             else
               WaiverInfo.where(requester: current_account.netid)
             end

    @properties = current_account_properties
    @search_term = ""
    @waiver_infos = models.paginate(page: params[:page], per_page: params[:per_page])

    render(:index)
  end

  def index_unique_id
    @properties = unique_id_properties
    models = search_with_props(@properties)

    @search_term = ""
    page = params[:page]
    per_page = params[:per_page]
    @waiver_infos = models.paginate(page: page, per_page: per_page)

    render(:index)
  end

  def index_missing_unique_ids
    logger.debug("index_missing_unique_ids: authenticated as user='#{current_account}'")
    models = WaiverInfo.find_by_missing_unique_id

    @properties = missing_unique_ids_properties
    @search_term = ""
    @waiver_infos = models.paginate(page: params[:page], per_page: params[:per_page])

    render(:index)
  end

  def search
    render status: :forbidden unless current_account.admin?

    if params["waiver_info"]
      @properties = waiver_info_params
      models = search_with_props(@properties)

      @search_term = ""
      @waiver_infos = models.paginate(page: params[:page], per_page: params[:per_page])
    else
      @waiver_info = WaiverInfo.new
    end

    render(:index)
  end

  def new
    @waiver_info = WaiverInfo.new(author_status: AuthorStatus.status_faculty)

    render(:new_waiver_info)
  end

  def create
    redirect_to(root_path) if params["CANCEL"]

    @waiver_info = WaiverInfo.new(waiver_info_params)
    if @waiver_info.valid?

      redirect_to(root_path) unless params["CONFIRM-WAIVER"]

      @waiver_info.save

      mail = WaiverMailer.new(@waiver_info).granted(@waiver_info.cc_email)
      mail.deliver!

      mail_record = MailRecord.new_from_mail(mail)
      mail_record.waiver_info = @waiver_info
      mail_record.save

      @request_granted = true
      flash.now[:notice] = "We have sent emails with the waiver to #{mail_record.recipients.join(', ')}"

      render :show
    else
      render(:new_waiver_info)
    end
  rescue StandardError => error
    @waiver_info.destroy
    @waiver_info.errors.add(:base, "Could not send an email")
    @waiver_info.errors.add(:base, error.message)
    @waiver_info.errors.add(:base, "Did not create the Waiver - Please try again")

    render :new_waiver_info
  end

  # POST /admin/waiver/:id
  def update_by_admin
    # This should be refactored into an exception (or, CanCanCan should be used)
    unless current_account.admin?
      head(:forbidden)
      flash[:alert] = "User account #{current_account} is not an administrator. Please contact an administrator for assistance."
      return
    end

    @waiver_info = WaiverInfo.find(waiver_id)

    # This handles legacy support for the POST requests
    unless params[:commit] && params[:commit] == "Save"
      redirect_to(:edit_by_admin)
      return
    end

    if @waiver_info.update(update_waiver_info_params)
      flash[:notice] = "Waiver information successfully updated"
      redirect_to(@waiver_info)
    else
      error_messages = @waiver_info.errors.full_messages.join(". ")
      flash.now[:alert] = "Waiver information could not be successfully updated: #{error_messages}."
      redirect_to(:edit_by_admin, id: @waiver_info.id)
    end
  end

  # GET /admin/waiver/:id
  def edit_by_admin
    # This should be refactored into an exception (or, CanCanCan should be used)
    unless current_account.admin?
      head(:forbidden)
      return flash[:alert] = "User account #{current_account} is not an administrator. Please contact an administrator for assistance."
    end

    @waiver_info = WaiverInfo.find(waiver_id)

    # This handles the POST request, and should be refactored into a new action, #create_by_admin
    redirect_to(:update_by_admin) if params[:commit] && params[:commit] == "Save"

    render(:edit_by_admin)
  end

  private

  def waiver_id
    params[:id]
  end

  def current_account_properties
    {
      "Requester or Author" => current_account.email
    }
  end

  def author_unique_id_param
    params[:author_unique_id]
  end

  def unique_id_properties
    {
      author_unique_id: author_unique_id_param
    }
  end

  def missing_unique_ids_properties
    {
      missing: "unique_id"
    }
  end

  def do_solr_index(words, waivers)
    @properties = []
    @search_term = words
    @waiver_infos = waivers
  end

  def search_with_props(search_props)
    props = ActiveSupport::HashWithIndifferentAccess.new

    search_props.each do |k, v|
      props[k] = v.strip
    end

    title = props.delete("title")
    journal = props.delete("journal")
    notes = props.delete("notes")

    author_unique_id = props.fetch("author_unique_id", nil)
    @author = if author_unique_id.nil?
                nil
              else
                Employee.find_by_unique_id(author_unique_id)
              end

    models = WaiverInfo.where(props)
    @waiver_infos = if title
                      models.where("title LIKE ?", "%#{title}%")
                    elsif journal
                      models.where("journal LIKE ?", "%#{journal}%")
                    elsif notes
                      models.where("notes LIKE ?", "%#{notes}%")
                    else
                      models
                    end

    @waiver_infos
  end

  def account_owns_waiver?
    return unless current_account

    current_account.authenticated? && @waiver_info.requester == current_account.netid
  end

  def current_account_admin?
    return unless current_account

    current_account.admin?
  end

  def ensure_user_owns_waiver_info
    # TODO: what about author ?
    return if current_account.admin?

    render nothing: true, status: :forbidden unless account_owns_waiver?
  end

  # Use callbacks to share common setup or constraints between actions.
  def set_waiver_info
    @waiver_info = WaiverInfo.find(params[:id])
  end

  # Never trust parameters from the scary internet, only allow the white list through.
  def update_waiver_info_params
    permitted_waiver_info_params = params.require(:waiver_info)
    permitted = permitted_waiver_info_params.permit(
      :author_unique_id,
      :author_first_name,
      :author_last_name,
      :author_status,
      :author_department,
      :author_email,
      :title,
      :journal,
      :journal_issn,
      :notes
    )

    stripped_args(permitted, :keep_empties)
  end

  def default_params
    {
      "requester" => current_account.netid,
      "requester_email" => current_account.email
    }
  end

  # Never trust parameters from the scary internet, only allow the white list through.
  def waiver_info_params
    return default_params unless params["waiver_info"]

    permitted_waiver_info_params = params.require(:waiver_info)
    permitted = permitted_waiver_info_params.permit(
      :requester,
      :requester_email,
      :author_unique_id,
      :author_first_name,
      :author_last_name,
      :author_preferred_name,
      :author_status,
      :author_department,
      :author_email,
      :title,
      :journal,
      :journal_issn,
      :cc_email,
      :notes,
      :search_term
    )

    values = stripped_args(permitted, :dont_keep_empties)
    default_params.merge(values)
  end

  # I am not certain that this is needed
  def stripped_args(args, mode)
    hsh = {}
    keep = mode == :keep_empties
    args.each do |k, v|
      v = v.strip
      hsh[k] = v if keep || v.present?
    end
    hsh
  end
end

1	# frozen_string_literal: true
2
3	class WaiverInfosController < ApplicationController	1✔
4	before_action :authenticate_account!	1✔
5	before_action :set_waiver_info, only: %i[show show_mail]	1✔
6	before_action :ensure_user_owns_waiver_info, only: %i[show show_mail]	1✔
7	respond_to :html	1✔
8
9	# GET /admin/waivers/match/:search_term
10	# params :page, :per_page
11	def solr_search_words	1✔
12	args = stripped_args(params, :dont_keep_empties)	×
13	search_term = args["search_term"] \|\| ""	×
14
15	page = params[:page]	×
16	per_page = params[:per_page] \|\| WaiverInfo.per_page	×
17
18	waiver_infos = if search_term.length > 1	×
19	search = WaiverInfo.search_with_words(search_term, page, per_page)	×
20	search.results	×
21	else
22	models = WaiverInfo.all	×
23	models.paginate(page: page, per_page: per_page)	×
24	end
25
26	do_solr_index(search_term, waiver_infos)	×
27	render(:index)	×
28	end
29
30	# POST /admin/waivers/match
31	def solr_search_words_post	1✔
32	search_term_param = params["search_term"] \|\| ""	×
33	search_term = search_term_param.gsub(%r{[.&/]}, " ")	×
34
35	redirect_to action: :solr_search_words, search_term: search_term	×
36	end
37
38	# GET waivers
39	def index	1✔
40	models = WaiverInfo.all	3✔
41
42	@properties = {}	3✔
43	@search_term = ""	3✔
44	@waiver_infos = models.paginate(page: params[:page], per_page: params[:per_page])	3✔
45
46	render(:index)	3✔
47	end
48
49	# GET waiver/requester/me
50	def index_mine	1✔
51	models = if current_account_admin?	×
52	WaiverInfo.all	×
53	else
54	WaiverInfo.where(requester: current_account.netid)	×
55	end
56
57	@properties = current_account_properties	×
58	@search_term = ""	×
59	@waiver_infos = models.paginate(page: params[:page], per_page: params[:per_page])	×
60
61	render(:index)	×
62	end
63
64	def index_unique_id	1✔
65	@properties = unique_id_properties	2✔
66	models = search_with_props(@properties)	2✔
67
68	@search_term = ""	2✔
69	page = params[:page]	2✔
70	per_page = params[:per_page]	2✔
71	@waiver_infos = models.paginate(page: page, per_page: per_page)	2✔
72
73	render(:index)	2✔
74	end
75
76	def index_missing_unique_ids	1✔
77	logger.debug("index_missing_unique_ids: authenticated as user='#{current_account}'")	2✔
78	models = WaiverInfo.find_by_missing_unique_id	2✔
79
80	@properties = missing_unique_ids_properties	2✔
81	@search_term = ""	2✔
82	@waiver_infos = models.paginate(page: params[:page], per_page: params[:per_page])	2✔
83
84	render(:index)	2✔
85	end
86
87	def search	1✔
88	render status: :forbidden unless current_account.admin?	×
89
90	if params["waiver_info"]	×
91	@properties = waiver_info_params	×
92	models = search_with_props(@properties)	×
93
94	@search_term = ""	×
95	@waiver_infos = models.paginate(page: params[:page], per_page: params[:per_page])	×
96	else
97	@waiver_info = WaiverInfo.new	×
98	end
99
100	render(:index)	×
101	end
102
103	def new	1✔
104	@waiver_info = WaiverInfo.new(author_status: AuthorStatus.status_faculty)	1✔
105
106	render(:new_waiver_info)	1✔
107	end
108
109	def create	1✔
110	redirect_to(root_path) if params["CANCEL"]	4✔
111
112	@waiver_info = WaiverInfo.new(waiver_info_params)	4✔
113	if @waiver_info.valid?	4✔
114
115	redirect_to(root_path) unless params["CONFIRM-WAIVER"]	3✔
116
117	@waiver_info.save	3✔
118
119	mail = WaiverMailer.new(@waiver_info).granted(@waiver_info.cc_email)	×
120	mail.deliver!	×
121
122	mail_record = MailRecord.new_from_mail(mail)	×
123	mail_record.waiver_info = @waiver_info	×
124	mail_record.save	×
125
126	@request_granted = true	×
127	flash.now[:notice] = "We have sent emails with the waiver to #{mail_record.recipients.join(', ')}"	×
128
129	render :show	×
130	else
131	render(:new_waiver_info)	1✔
132	end
133	rescue StandardError => error
134	@waiver_info.destroy	×
135	@waiver_info.errors.add(:base, "Could not send an email")	×
136	@waiver_info.errors.add(:base, error.message)	×
137	@waiver_info.errors.add(:base, "Did not create the Waiver - Please try again")	×
138
139	render :new_waiver_info	×
140	end
141
142	# POST /admin/waiver/:id
143	def update_by_admin	1✔
144	# This should be refactored into an exception (or, CanCanCan should be used)
145	unless current_account.admin?	×
146	head(:forbidden)	×
147	flash[:alert] = "User account #{current_account} is not an administrator. Please contact an administrator for assistance."	×
148	return	×
149	end
150
151	@waiver_info = WaiverInfo.find(waiver_id)	×
152
153	# This handles legacy support for the POST requests
154	unless params[:commit] && params[:commit] == "Save"	×
155	redirect_to(:edit_by_admin)	×
156	return	×
157	end
158
159	if @waiver_info.update(update_waiver_info_params)	×
160	flash[:notice] = "Waiver information successfully updated"	×
161	redirect_to(@waiver_info)	×
162	else
163	error_messages = @waiver_info.errors.full_messages.join(". ")	×
164	flash.now[:alert] = "Waiver information could not be successfully updated: #{error_messages}."	×
165	redirect_to(:edit_by_admin, id: @waiver_info.id)	×
166	end
167	end
168
169	# GET /admin/waiver/:id
170	def edit_by_admin	1✔
171	# This should be refactored into an exception (or, CanCanCan should be used)
172	unless current_account.admin?	×
173	head(:forbidden)	×
174	return flash[:alert] = "User account #{current_account} is not an administrator. Please contact an administrator for assistance."	×
175	end
176
177	@waiver_info = WaiverInfo.find(waiver_id)	×
178
179	# This handles the POST request, and should be refactored into a new action, #create_by_admin
180	redirect_to(:update_by_admin) if params[:commit] && params[:commit] == "Save"	×
181
182	render(:edit_by_admin)	×
183	end
184
185	private	1✔
186
187	def waiver_id	1✔
188	params[:id]	×
189	end
190
191	def current_account_properties	1✔
192	{
193	"Requester or Author" => current_account.email	×
194	}
195	end
196
197	def author_unique_id_param	1✔
198	params[:author_unique_id]	2✔
199	end
200
201	def unique_id_properties	1✔
202	{
203	author_unique_id: author_unique_id_param	2✔
204	}
205	end
206
207	def missing_unique_ids_properties	1✔
208	{	2✔
209	missing: "unique_id"
210	}
211	end
212
213	def do_solr_index(words, waivers)	1✔
214	@properties = []	×
215	@search_term = words	×
216	@waiver_infos = waivers	×
217	end
218
219	def search_with_props(search_props)	1✔
220	props = ActiveSupport::HashWithIndifferentAccess.new	2✔
221
222	search_props.each do \|k, v\|	2✔
223	props[k] = v.strip	2✔
224	end
225
226	title = props.delete("title")	2✔
227	journal = props.delete("journal")	2✔
228	notes = props.delete("notes")	2✔
229
230	author_unique_id = props.fetch("author_unique_id", nil)	2✔
231	@author = if author_unique_id.nil?	2✔
232	nil	×
233	else
234	Employee.find_by_unique_id(author_unique_id)	2✔
235	end
236
237	models = WaiverInfo.where(props)	2✔
238	@waiver_infos = if title	2✔
239	models.where("title LIKE ?", "%#{title}%")	×
240	elsif journal	2✔
241	models.where("journal LIKE ?", "%#{journal}%")	×
242	elsif notes	2✔
243	models.where("notes LIKE ?", "%#{notes}%")	×
244	else
245	models	2✔
246	end
247
248	@waiver_infos	2✔
249	end
250
251	def account_owns_waiver?	1✔
252	return unless current_account	×
253
254	current_account.authenticated? && @waiver_info.requester == current_account.netid	×
255	end
256
257	def current_account_admin?	1✔
258	return unless current_account	×
259
260	current_account.admin?	×
261	end
262
263	def ensure_user_owns_waiver_info	1✔
264	# TODO: what about author ?
265	return if current_account.admin?	×
266
267	render nothing: true, status: :forbidden unless account_owns_waiver?	×
268	end
269
270	# Use callbacks to share common setup or constraints between actions.
271	def set_waiver_info	1✔
272	@waiver_info = WaiverInfo.find(params[:id])	×
273	end
274
275	# Never trust parameters from the scary internet, only allow the white list through.
276	def update_waiver_info_params	1✔
277	permitted_waiver_info_params = params.require(:waiver_info)	×
278	permitted = permitted_waiver_info_params.permit(	×
279	:author_unique_id,
280	:author_first_name,
281	:author_last_name,
282	:author_status,
283	:author_department,
284	:author_email,
285	:title,
286	:journal,
287	:journal_issn,
288	:notes
289	)
290
291	stripped_args(permitted, :keep_empties)	×
292	end
293
294	def default_params	1✔
295	{
296	"requester" => current_account.netid,	4✔
297	"requester_email" => current_account.email
298	}
299	end
300
301	# Never trust parameters from the scary internet, only allow the white list through.
302	def waiver_info_params	1✔
303	return default_params unless params["waiver_info"]	4✔
304
305	permitted_waiver_info_params = params.require(:waiver_info)	4✔
306	permitted = permitted_waiver_info_params.permit(	4✔
307	:requester,
308	:requester_email,
309	:author_unique_id,
310	:author_first_name,
311	:author_last_name,
312	:author_preferred_name,
313	:author_status,
314	:author_department,
315	:author_email,
316	:title,
317	:journal,
318	:journal_issn,
319	:cc_email,
320	:notes,
321	:search_term
322	)
323
324	values = stripped_args(permitted, :dont_keep_empties)	4✔
325	default_params.merge(values)	4✔
326	end
327
328	# I am not certain that this is needed
329	def stripped_args(args, mode)	1✔
330	hsh = {}	4✔
331	keep = mode == :keep_empties	4✔
332	args.each do \|k, v\|	4✔
333	v = v.strip	31✔
334	hsh[k] = v if keep \|\| v.present?	31✔
335	end
336	hsh	4✔
337	end
338	end

pulibrary / oawaiver / 11c952aa-d8e8-4073-941a-ba08eee9b0bb

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous