demarches-normaliennes/app/controllers/users/transfers_controller.rb

49 lines
1.3 KiB
Ruby

module Users
class TransfersController < UserController
def create
transfer = DossierTransfer.new(transfer_params)
if transfer.valid?
transfer.save!
flash.notice = t("users.dossiers.transferer.notice_sent")
redirect_to dossiers_path
else
flash.alert = transfer.errors.full_messages
redirect_to transferer_dossier_path(transfer_params[:dossiers].first)
end
end
def update
DossierTransfer.accept(params[:id], current_user)
redirect_to dossiers_path
end
def destroy
transfer = DossierTransfer.find(params[:id])
authorized = (transfer.email == current_user.email || transfer.dossiers.exists?(dossiers: { user: current_user }))
if authorized
transfer.destroy_and_nullify
flash.notice = t("users.dossiers.transferer.destroy")
else
flash.alert = t("users.dossiers.transferer.unauthorized_destroy")
end
redirect_to dossiers_path
end
private
def transfer_params
transfer_params = params.require(:dossier_transfer).permit(:email, :dossier)
dossier_id = transfer_params.delete(:dossier)
dossiers = if dossier_id.present?
[current_user.dossiers.find(dossier_id)]
else
current_user.dossiers
end
transfer_params.merge(dossiers: dossiers)
end
end
end