class InvitesController < ApplicationController
before_action :authenticate_user!, only: [:create]
before_action :store_user_location!, only: [:show]
def create
email = params[:invite_email]&.downcase
@dossier = current_user.dossiers.visible_by_user.find(params[:dossier_id])
invite = Invite.create(
dossier: @dossier,
user: User.find_by(email: email),
email: email,
message: params[:invite_message],
email_sender: current_user.email
)
if invite.valid?
# The notification is sent through an after commit hook in order to avoir concurrency issues
flash.notice = t('views.invites.create.success', email: invite.email)
else
flash.alert = invite.errors.full_messages
end
respond_to do |format|
format.html { redirect_back(fallback_location: helpers.url_for_dossier(@dossier)) }
format.turbo_stream
end
end
def show
if user_signed_in?
erase_user_location!
dossier = Dossier.joins(:invites)
.find_by!(invites: { email: current_user.email, id: params[:id] })
redirect_to helpers.url_for_dossier(dossier)
elsif params[:email].present? && !User.find_by(email: params[:email])
redirect_to new_user_registration_path(user: { email: params[:email] })
else
authenticate_user!
end
rescue ActiveRecord::RecordNotFound
flash.alert = t('errors.messages.dossier_not_found')
redirect_to dossiers_path
end
def destroy
invite = Invite.find_by(id: params[:id], dossier: current_user.dossiers.visible_by_user)
if invite.present?
@dossier = invite.dossier
invite.destroy!
flash.notice = t('views.invites.destroy.success', email: invite.email)
else
flash.alert = t('views.invites.destroy.error')
end
respond_to do |format|
format.html { redirect_back(fallback_location: @dossier.present? ? helpers.url_for_dossier(@dossier) : root_url) }
format.turbo_stream
end
end
private
def store_user_location!
store_location_for(:user, request.fullpath)
end
def erase_user_location!
clear_stored_location_for(:user)
end
end