demarches-normaliennes/app/controllers/invites_controller.rb

72 lines
2.1 KiB
Ruby
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

class InvitesController < ApplicationController
before_action :authenticate_user!, only: [:create]
before_action :store_user_location!, only: [:show]
def create
email = params[:invite_email]&.downcase
@dossier = current_user.dossiers.visible_by_user.find(params[:dossier_id])
invite = Invite.create(
dossier: @dossier,
user: User.find_by(email: email),
email: email,
message: params[:invite_message],
email_sender: current_user.email
)
if invite.valid?
# The notification is sent through an after commit hook in order to avoir concurrency issues
flash.notice = "Une invitation a été envoyée à #{invite.email}."
else
flash.alert = invite.errors.full_messages
end
respond_to do |format|
format.html { redirect_back(fallback_location: helpers.url_for_dossier(@dossier)) }
format.turbo_stream
end
end
def show
if user_signed_in?
erase_user_location!
dossier = Dossier.joins(:invites)
.find_by!(invites: { email: current_user.email, id: params[:id] })
redirect_to helpers.url_for_dossier(dossier)
elsif params[:email].present? && !User.find_by(email: params[:email])
redirect_to new_user_registration_path(user: { email: params[:email] })
else
authenticate_user!
end
rescue ActiveRecord::RecordNotFound
flash.alert = t('errors.messages.dossier_not_found')
redirect_to dossiers_path
end
def destroy
invite = Invite.find_by(id: params[:id], dossier: current_user.dossiers.visible_by_user)
if invite.present?
@dossier = invite.dossier
invite.destroy!
flash.notice = "Lautorisation de #{invite.email} vient dêtre révoquée."
else
flash.alert = "Vous ne pouvez pas révoquer cette autorisation"
end
respond_to do |format|
format.html { redirect_back(fallback_location: @dossier.present? ? helpers.url_for_dossier(@dossier) : root_url) }
format.turbo_stream
end
end
private
def store_user_location!
store_location_for(:user, request.fullpath)
end
def erase_user_location!
clear_stored_location_for(:user)
end
end