Class: PlanMyStuff::Issues::ViewersController

Inherits:
ApplicationController show all
Defined in:
app/controllers/plan_my_stuff/issues/viewers_controller.rb

Overview

Handles adding and removing viewers from the visibility allowlist via CRUD-style routes. Backs the viewer management UI on the issue edit view (T-045).

POST /issues/:issue_id/viewers -> create (adds viewer(s)) DELETE /issues/:issue_id/viewers/:id -> destroy (removes a viewer)

Instance Method Summary collapse

Instance Method Details

#createObject

POST /issues/:issue_id/viewers



13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
 
# File 'app/controllers/plan_my_stuff/issues/viewers_controller.rb', line 13

def create
  unless support_user?
    redirect_to_unauthorized(plan_my_stuff.issue_path(params[:issue_id], repo: params[:repo]))
    return
  end

  viewer_ids = parse_viewer_ids(params[:viewer_ids])
  if viewer_ids.blank?
    flash[:error] = 'No valid viewer IDs provided.'
    redirect_to(plan_my_stuff.edit_issue_path(params[:issue_id], repo: params[:repo]))
    return
  end

  issue = PMS::Issue.find(params[:issue_id].to_i, repo: params[:repo])
  issue.add_viewers(user_ids: viewer_ids, user: pms_current_user)

  flash[:success] = 'Viewers were successfully added.'
  redirect_to(plan_my_stuff.edit_issue_path(params[:issue_id], repo: params[:repo]))
end

#destroyObject

DELETE /issues/:issue_id/viewers/:id



34
35
36
37
38
39
40
41
42
43
44
45
 
# File 'app/controllers/plan_my_stuff/issues/viewers_controller.rb', line 34

def destroy
  unless support_user?
    redirect_to_unauthorized(plan_my_stuff.issue_path(params[:issue_id], repo: params[:repo]))
    return
  end

  issue = PMS::Issue.find(params[:issue_id].to_i, repo: params[:repo])
  issue.remove_viewers(user_ids: [params[:id].to_i], user: pms_current_user)

  flash[:success] = 'Viewer was successfully removed.'
  redirect_to(plan_my_stuff.edit_issue_path(params[:issue_id], repo: params[:repo]))
end