Class: Admin::PermissionsController

Inherits:
ApplicationController
  • Object
Includes:
AdminBulkActions, AdminPagination, AdminTurboTable, AuditLoggable
Defined in:
lib/generators/ruby_cms/templates/controllers/admin/permissions_controller.rb

Constant Summary

Constants included from AdminPagination

AdminPagination::DEFAULT_MAX_PER_PAGE, AdminPagination::DEFAULT_MIN_PER_PAGE

Instance Method Summary collapse

Methods included from AdminTurboTable

#turbo_frame_id, #turbo_frame_request?, #turbo_redirect_to, #turbo_render_form, #turbo_render_index, #turbo_stream_replace_table, #turbo_stream_request?, #turbo_stream_update_table

Methods included from AdminPagination

#paginate_collection, #set_pagination_vars

Instance Method Details

#bulk_delete ⇒ Object



# File 'lib/generators/ruby_cms/templates/controllers/admin/permissions_controller.rb', line 118

# Deletes permissions in bulk and redirects back to the permissions list.
#
# The actual deletion is delegated to `bulk_destroy`, which is not defined in
# this listing. Which records are selected, and how the `audit:` event is
# recorded, is decided there.
# NOTE(review): presumably the ids come from request params inside the helper;
# confirm it scopes and validates them before destroying.
def bulk_delete
  removed = bulk_destroy(Permission, audit: :permission_deleted, target_label: "Permission")
  deleted_label = t('ruby_cms.admin.permissions.deleted')

  # The helper's return value is used as the number reported to the admin.
  turbo_redirect_to(admin_permissions_path, notice: "#{removed} permission(s) #{deleted_label}.")
end

#create ⇒ Object



# File 'lib/generators/ruby_cms/templates/controllers/admin/permissions_controller.rb', line 92

# Creates a permission from `permission_params` (defined outside this listing).
#
# On success an audit event is written and the browser is redirected to the
# list. On failure the index template is re-rendered with the validation
# messages in the flash and a 422 status.
def create
  @permission = Permission.new(permission_params)

  unless @permission.save
    # NOTE(review): only @permissions is set here, while #index assigns several
    # more instance variables before rendering - confirm the index template
    # tolerates them being nil on this path.
    @permissions = Permission.order(:key)
    failure_reasons = @permission.errors.full_messages.to_sentence
    flash.now[:alert] = "Could not create permission: #{failure_reasons}"
    return render(:index, status: :unprocessable_content)
  end

  # The audit entry is written only after the record has been persisted.
  audit!(:permission_created, target: @permission, summary: "Created permission #{@permission.key}")
  redirect_to(admin_permissions_path, notice: t("ruby_cms.admin.permissions.created"))
end

#destroy ⇒ Object



# File 'lib/generators/ruby_cms/templates/controllers/admin/permissions_controller.rb', line 106

# Deletes a single permission looked up by `params[:id]`.
#
# A failed destroy redirects with the model's error messages and writes no
# audit entry. A successful one is audited and then redirected with a notice.
def destroy
  @permission = Permission.find(params[:id])
  # Captured before the destroy call so the audit entry can still name the
  # permission; the audit target below is this string, not the record.
  deleted_key = @permission.key

  if @permission.destroy
    audit!(
      :permission_deleted,
      target: "Permission:#{deleted_key}",
      summary: "Deleted permission #{deleted_key}",
      meta: { key: deleted_key }
    )
    redirect_to(admin_permissions_path, notice: t("ruby_cms.admin.permissions.deleted"))
  else
    redirect_to(admin_permissions_path, alert: @permission.errors.full_messages.to_sentence)
  end
end

#index ⇒ Object



# File 'lib/generators/ruby_cms/templates/controllers/admin/permissions_controller.rb', line 14

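# Lists permissions with filter tabs, free-text search, sorting and two views.
#
# Request parameters read: `filter`, `q`, `sort`, `direction`, `view`.
# Every parameter that ends up inside a SQL fragment is first mapped through a
# fixed allow-list; the search term is passed only as a bound value.
def index
  # Tab counters cover every permission, independent of the active filter/search.
  base_scope = Permission.all
  @filter_counts = {
    all: base_scope.count,
    assigned: base_scope.joins(:user_permissions).distinct.count,
    unassigned: base_scope.where.missing(:user_permissions).count
  }
  @total_permissions_count = @filter_counts[:all]

  # Anything outside the allow-list (including non-String values) becomes "all".
  @current_filter = %w[all assigned unassigned].include?(params[:filter]) ? params[:filter] : "all"

  # Constant SQL text with no request data in it, so interpolating it into
  # where/reorder below does not open an injection path.
  assigned_subquery = "(SELECT COUNT(*) FROM user_permissions WHERE user_permissions.permission_id = permissions.id)"
  collection = Permission.all

  case @current_filter
  when "assigned"   then collection = collection.where("#{assigned_subquery} > 0")
  when "unassigned" then collection = collection.where("#{assigned_subquery} = 0")
  end

  # Only a plain String is accepted as a search term. `q[]=x` or `q[a]=b`
  # arrive as an Array / nested parameters, which have no #downcase and
  # previously raised NoMethodError (HTTP 500); they are now ignored.
  query = params[:q]
  if query.is_a?(String) && query.present?
    # The term is bound through `?` placeholders, so it cannot change the SQL.
    # NOTE(review): `%` and `_` inside q still act as LIKE wildcards; escaping
    # them needs sanitize_sql_like plus an ESCAPE clause suited to the adapter.
    search_term = "%#{query.downcase}%"
    collection = collection.where("LOWER(permissions.key) LIKE ? OR LOWER(permissions.name) LIKE ?",
                                  search_term, search_term)
  end

  # Sort column and direction are reduced to known values before being looked
  # up / interpolated; this is what makes the Arel.sql call below safe.
  @sort_column = %w[key name assigned].include?(params[:sort]) ? params[:sort] : "key"
  @sort_direction = params[:direction] == "desc" ? "desc" : "asc"
  sort_db_column = {
    "key" => "permissions.key",
    "name" => "permissions.name",
    "assigned" => assigned_subquery
  }[@sort_column]
  collection = collection.reorder(Arel.sql("#{sort_db_column} #{@sort_direction}"))

  # Precompute assigned counts so row partial avoids N+1.
  @assigned_counts = UserPermission.group(:permission_id).count
  @view = params[:view] == "matrix" ? "matrix" : "list"

  if @view == "matrix"
    # The matrix loads every matching permission, every user and every grant
    # in one go; unlike the list branch nothing here is paginated.
    @permissions = collection.to_a
    @matrix_users = User.order(:email_address).to_a
    @matrix_grants = UserPermission.pluck(:user_id, :permission_id).to_set
  else
    @permissions = paginate_collection(collection)
  end

  # NOTE(review): @index is not assigned anywhere else in this action;
  # presumably turbo_render_index reads it - confirm.
  @index ||= Permission.none
  turbo_render_index
end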

#toggle_user ⇒ Object



# File 'lib/generators/ruby_cms/templates/controllers/admin/permissions_controller.rb', line 65

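# Flips one user's grant of one permission: revokes it when a UserPermission
# row exists, otherwise creates one. Every successful change is audited.
#
# Reads `params[:id]` (permission) and `params[:user_id]` (user). Responds with
# JSON `{ granted:, user_id:, permission_id: }` or an HTML redirect to the
# matrix view. A change that cannot be saved gets a 422 JSON error or an HTML
# alert, on both the grant and the revoke path.
#
# NOTE(review): no authorization check is visible in this method; presumably a
# filter in this controller or ApplicationController enforces it - confirm,
# since this action decides who holds which permission.
# NOTE(review): the action toggles rather than sets state, so a repeated
# request reverses the previous one; the find_by/save pair is also not atomic.
# A unique index on (user_id, permission_id) is what would close that race -
# confirm one exists.
def toggle_user
  permission = Permission.find(params[:id])
  user = User.find(params[:user_id])
  link = UserPermission.find_by(user:, permission:)

  # One failure response for both branches, so a rejected grant is reported
  # the same way as a rejected revoke instead of raising out of the action.
  reject = lambda do |record|
    msg = record.errors.full_messages.to_sentence
    respond_to do |f|
      f.json { render json: { error: msg }, status: :unprocessable_content }
      f.html { redirect_to admin_permissions_path(view: "matrix"), alert: msg }
    end
  end

  if link
    return reject.call(link) unless link.destroy

    granted = false
    audit!(:permission_revoked, target: permission, summary: "Revoked #{permission.key} from #{user.email_address}", meta: { user_id: user.id })
  else
    # Previously `create!`, which raised on a validation failure (for example
    # a concurrent request that had just created the same grant).
    link = UserPermission.new(user:, permission:)
    return reject.call(link) unless link.save

    granted = true
    audit!(:permission_granted, target: permission, summary: "Granted #{permission.key} to #{user.email_address}", meta: { user_id: user.id })
  end

  respond_to do |f|
    f.json { render json: { granted: granted, user_id: user.id, permission_id: permission.id } }
    f.html { redirect_to admin_permissions_path(view: "matrix"), notice: granted ? "Granted" : "Revoked" }
  end
end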