9091a1ae-29be-458c-984a-339d213919c4

Committed 12 Dec 2024 07:41PM UTC coverage: 26.434% (-69.7%) from 96.113%

Build # 9091a1ae-29be-458c-984a-339d213919c4

Build Type

Pull #2000

circleci

Committed by

jrgriffiniii

Commit Message

Removing integration with ActiveStorage

Pull Request Pull Request #2000: Bump actionpack from 7.2.1.1 to 7.2.2.1

Run Details

945 of 3575 relevant lines covered (26.43%)

0.35 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

2.17

/app/controllers/groups_controller.rb

# frozen_string_literal: true
class GroupsController < ApplicationController
  def index; end

  def show
    @group = Group.find(params[:id])
    @can_edit = can_edit?
  end

  def edit
    @group = Group.find(params[:id])
    if can_edit?
      render "edit"
    else
      Rails.logger.warn("Unauthorized to edit group #{@group.id} (current user: #{current_user.id})")
      redirect_to groups_path
    end
  end

  # rubocop:disable Metrics/MethodLength
  def update
    @group = Group.find(params[:id])
    if can_edit?
      respond_to do |format|
        if @group.update(group_params)
          format.html { redirect_to group_url(@group), notice: "Group was successfully updated." }
          format.json { render :show, status: :ok, location: @group }
        else
          # return 200 so the loadbalancer doesn't capture the error
          format.html { render :edit }
          format.json { render json: @group.errors }
        end
      end
    else
      Rails.logger.warn("Unauthorized to update group #{@group.id} (current user: #{current_user.id})")
      redirect_to groups_path
    end
  end
  # rubocop:enable Metrics/MethodLength

  # This is a JSON only endpoint
  def add_admin
    @group = Group.find(params[:id])
    @group.add_administrator(current_user, User.new_for_uid(params[:uid]))
    check_and_render
  end

  # This is a JSON only endpoint
  def add_submitter
    @group = Group.find(params[:id])
    user = @group.default_user(params[:uid])
    @group.add_submitter(current_user, user)
    check_and_render
  end

  # This is a JSON only endpoint
  def delete_user_from_group
    @group = Group.find(params[:id])
    @group.delete_permission(current_user, User.find_by(uid: params[:uid]))
    check_and_render
  end

  private

    def check_and_render
      if @group.errors.count > 0 && @group.errors.first.message == "Unauthorized"
        render status: :unauthorized, json: { message: "Unauthorized" }
      elsif @group.errors.count > 0
        render status: :bad_request, json: { message: @group.errors.first.message }
      else
        render status: :ok, json: { message: "OK" }
      end
    end

    # Only allow trusted parameters through.
    def group_params
      params.require(:group).permit([:title, :description])
    end

    def can_edit?
      current_user.can_admin? @group
    end
end

1	# frozen_string_literal: true
2	class GroupsController < ApplicationController	1✔
3	def index; end	×
4
5	def show	×
6	@group = Group.find(params[:id])	×
7	@can_edit = can_edit?	×
8	end
9
10	def edit	×
11	@group = Group.find(params[:id])	×
12	if can_edit?	×
13	render "edit"	×
14	else
15	Rails.logger.warn("Unauthorized to edit group #{@group.id} (current user: #{current_user.id})")	×
16	redirect_to groups_path	×
17	end
18	end
19
20	# rubocop:disable Metrics/MethodLength
21	def update	×
22	@group = Group.find(params[:id])	×
23	if can_edit?	×
24	respond_to do \|format\|	×
25	if @group.update(group_params)	×
26	format.html { redirect_to group_url(@group), notice: "Group was successfully updated." }	×
27	format.json { render :show, status: :ok, location: @group }	×
28	else
29	# return 200 so the loadbalancer doesn't capture the error
30	format.html { render :edit }	×
31	format.json { render json: @group.errors }	×
32	end
33	end
34	else
35	Rails.logger.warn("Unauthorized to update group #{@group.id} (current user: #{current_user.id})")	×
36	redirect_to groups_path	×
37	end
38	end
39	# rubocop:enable Metrics/MethodLength
40
41	# This is a JSON only endpoint
42	def add_admin	×
43	@group = Group.find(params[:id])	×
44	@group.add_administrator(current_user, User.new_for_uid(params[:uid]))	×
45	check_and_render	×
46	end
47
48	# This is a JSON only endpoint
49	def add_submitter	×
50	@group = Group.find(params[:id])	×
51	user = @group.default_user(params[:uid])	×
52	@group.add_submitter(current_user, user)	×
53	check_and_render	×
54	end
55
56	# This is a JSON only endpoint
57	def delete_user_from_group	×
58	@group = Group.find(params[:id])	×
59	@group.delete_permission(current_user, User.find_by(uid: params[:uid]))	×
60	check_and_render	×
61	end
62
63	private	×
64
65	def check_and_render	×
66	if @group.errors.count > 0 && @group.errors.first.message == "Unauthorized"	×
67	render status: :unauthorized, json: { message: "Unauthorized" }	×
68	elsif @group.errors.count > 0	×
69	render status: :bad_request, json: { message: @group.errors.first.message }	×
70	else
71	render status: :ok, json: { message: "OK" }	×
72	end
73	end
74
75	# Only allow trusted parameters through.
76	def group_params	×
77	params.require(:group).permit([:title, :description])	×
78	end
79
80	def can_edit?	×
81	current_user.can_admin? @group	×
82	end
83	end

pulibrary / pdc_describe / 9091a1ae-29be-458c-984a-339d213919c4

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous