Module: Api::Utils


Instance Method Details

#get_id_from_short_title ⇒ Object

NOTE: only used by [challenges, workgroups, programs, projects, spaces, peer_reviews]; refactor this.



# File 'app/controllers/concerns/api/utils.rb', line 79

# Resolves params[:short_title] to a record id for the model that matches the
# current controller, and renders the outcome as JSON.
#
# Stores the looked-up record (or nil) in @obj as a side effect.
#
# NOTE(review): the model class is built from controller_name, presumably the
# Rails helper derived from the controller class rather than from request
# data. Confirm it is not overridden with anything request-controlled, since
# the result is passed to constantize.
# NOTE(review): no role check is visible in this method, and the two responses
# let a caller learn whether a short_title exists and which id it maps to.
# Confirm that is intended for every controller that includes this concern.
#
# @return [Object] whatever render returns
def get_id_from_short_title
  model = controller_name.classify.constantize
  @obj = model.where(short_title: params[:short_title]).first
  return render(json: { data: 'short_title does not exists' }, status: :not_found) if @obj.nil?

  render json: { id: @obj.id, data: 'Success' }, status: :ok
end

#is_admin ⇒ Object

These methods are security checks that verify the user has the correct role to execute a particular method. They are meant to be included in the before_action of controllers to check for the correct role of a user. They are different from the Serializer concerns of the same name, as they do not participate in the JSON rendering of the objects.



# File 'app/controllers/concerns/api/utils.rb', line 16

# Authorization filter: lets the request continue only when the current user
# holds the :admin role for @obj or holds it globally.
#
# Renders 401 when there is no current user, 404 when @obj has not been set,
# and 403 when none of the role checks pass. When @obj is a Need, an :admin
# role on its project is accepted as well. Renders nothing when access is
# granted.
#
# NOTE(review): @obj must be assigned before this runs (presumably by an
# earlier before_action). Confirm the filter order in each controller,
# otherwise every request ends in the 404 branch.
#
# @return [Object, nil] the result of render, or nil when access is granted
def is_admin
  return render(json: { data: 'unauthorized' }, status: :unauthorized) if current_user.nil?
  return render(json: { data: 'Obj is not set' }, status: :not_found) if @obj.nil?

  # A Need is also covered by an admin role on its parent project.
  scopes = @obj.class.name == 'Need' ? [@obj.project, @obj] : [@obj]
  allowed = scopes.any? { |scope| current_user.has_role?(:admin, scope) } || current_user.has_role?(:admin)
  render json: { data: 'Forbidden' }, status: :forbidden unless allowed
end

#is_member ⇒ Object



# File 'app/controllers/concerns/api/utils.rb', line 34

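# Authorization filter: lets the request continue only when the current user
# holds the :member role on @obj.
#
# Renders 401 when there is no current user, 404 when @obj has not been set,
# and 403 when the role check fails. Renders nothing when access is granted.
#
# Unlike is_admin and is_reviewer, a global role is not accepted here; only
# the role scoped to @obj is checked.
#
# @return [Object, nil] the result of render, or nil when access is granted
def is_member
  return render(json: { data: 'Unauthorized' }, status: :unauthorized) if current_user.nil?

  # Fail closed when the resource was never loaded, matching is_admin and
  # is_reviewer. Without this guard the role lookup would receive a nil
  # resource; what has_role? does with nil is not visible here (rolify-style
  # APIs treat it as a global-role check, TODO confirm), so membership would
  # no longer be tied to a specific object.
  return render(json: { data: 'Obj is not set' }, status: :not_found) if @obj.nil?

  render json: { data: 'Forbidden' }, status: :forbidden unless current_user.has_role?(:member, @obj)
end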

#is_reviewer ⇒ Object



# File 'app/controllers/concerns/api/utils.rb', line 42

# Authorization filter: lets the request continue only when the current user
# holds the :reviewer role for @obj or holds it globally.
#
# Renders 401 when there is no current user, 404 when @obj has not been set,
# and 403 when none of the role checks pass. When @obj is a Need, a :reviewer
# role on its project is accepted as well. Renders nothing when access is
# granted.
#
# NOTE(review): @obj must be assigned before this runs (presumably by an
# earlier before_action). Confirm the filter order in each controller.
#
# @return [Object, nil] the result of render, or nil when access is granted
def is_reviewer
  return render(json: { data: 'Unauthorized' }, status: :unauthorized) if current_user.nil?
  return render(json: { data: 'Obj is not set' }, status: :not_found) if @obj.nil?

  # A Need is also covered by a reviewer role on its parent project.
  scopes = @obj.class.name == 'Need' ? [@obj.project, @obj] : [@obj]
  allowed = scopes.any? { |scope| current_user.has_role?(:reviewer, scope) } || current_user.has_role?(:reviewer)
  render json: { data: 'Forbidden' }, status: :forbidden unless allowed
end

#nickname_exist ⇒ Object



# File 'app/controllers/concerns/api/utils.rb', line 60

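# Reports whether a User with the nickname in params[:nickname] already
# exists. Renders 403 with 'Nickname already exists' when one does, and 200
# with 'Nickname is available' otherwise.
#
# NOTE(review): the response tells the caller whether an account with the
# given nickname exists. If this action is reachable without authentication,
# pair it with request throttling. Confirm against the routes and the
# controller's filters.
#
# @return [Object] whatever render returns
def nickname_exist
  # exists? only asks whether at least one row matches, rather than counting
  # every match as `count > 0` did.
  if User.where(nickname: params[:nickname]).exists?
    render json: { data: 'Nickname already exists' }, status: :forbidden
  else
    render json: { data: 'Nickname is available' }, status: :ok
  end
end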

#short_title_exist ⇒ Object



# File 'app/controllers/concerns/api/utils.rb', line 68

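# Reports whether a record with the short_title in params[:short_title]
# already exists for the model that matches the current controller. Renders
# 403 with 'short_title already exists' when one does, and 200 with
# 'short_title is available' otherwise.
#
# NOTE(review): the model class is built from controller_name, presumably the
# Rails helper derived from the controller class rather than from request
# data. Confirm it is not overridden with anything request-controlled, since
# the result is passed to constantize.
# NOTE(review): the response discloses which short_titles are in use. If the
# action is reachable without authentication, consider throttling it.
#
# @return [Object] whatever render returns
def short_title_exist
  klass = controller_name.classify.constantize
  # exists? only asks whether at least one row matches, rather than counting
  # every match as `count > 0` did.
  if klass.where(short_title: params[:short_title]).exists?
    render json: { data: 'short_title already exists' }, status: :forbidden
  else
    render json: { data: 'short_title is available' }, status: :ok
  end
end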