49 lines
1.3 KiB
Ruby
49 lines
1.3 KiB
Ruby
module Users
|
|
class TransfersController < UserController
|
|
def create
|
|
transfer = DossierTransfer.new(transfer_params)
|
|
|
|
if transfer.valid?
|
|
transfer.save!
|
|
flash.notice = t("users.dossiers.transferer.notice_sent")
|
|
redirect_to dossiers_path
|
|
else
|
|
flash.alert = transfer.errors.full_messages
|
|
redirect_to transferer_dossier_path(transfer_params[:dossiers].first)
|
|
end
|
|
end
|
|
|
|
def update
|
|
DossierTransfer.accept(params[:id], current_user)
|
|
redirect_to dossiers_path
|
|
end
|
|
|
|
def destroy
|
|
transfer = DossierTransfer.find(params[:id])
|
|
authorized = (transfer.email == current_user.email || transfer.dossiers.exists?(dossiers: { user: current_user }))
|
|
|
|
if authorized
|
|
transfer.destroy_and_nullify
|
|
flash.notice = t("users.dossiers.transferer.destroy")
|
|
else
|
|
flash.alert = t("users.dossiers.transferer.unauthorized_destroy")
|
|
end
|
|
redirect_to dossiers_path
|
|
end
|
|
|
|
private
|
|
|
|
def transfer_params
|
|
transfer_params = params.require(:dossier_transfer).permit(:email, :dossier)
|
|
|
|
dossier_id = transfer_params.delete(:dossier)
|
|
dossiers = if dossier_id.present?
|
|
[current_user.dossiers.find(dossier_id)]
|
|
else
|
|
current_user.dossiers
|
|
end
|
|
|
|
transfer_params.merge(dossiers: dossiers)
|
|
end
|
|
end
|
|
end
|