discourse/app/controllers/groups_controller.rb

189 lines
5.0 KiB
Ruby
Raw Normal View History

class GroupsController < ApplicationController
before_filter :ensure_logged_in, only: [
:set_notifications,
:mentionable,
:update
]
skip_before_filter :preload_json, :check_xhr, only: [:posts_feed, :mentions_feed]
def show
render_serialized(find_group(:id), GroupShowSerializer, root: 'basic_group')
end
def update
group = Group.find(params[:id])
guardian.ensure_can_edit!(group)
if group.update_attributes(group_params)
render json: success_json
else
render_json_error(group)
end
end
def posts
2014-02-18 16:43:02 -05:00
group = find_group(:group_id)
posts = group.posts_for(guardian, params[:before_post_id]).limit(20)
render_serialized posts.to_a, GroupPostSerializer
end
def posts_feed
group = find_group(:group_id)
@posts = group.posts_for(guardian).limit(50)
@title = "#{SiteSetting.title} - #{I18n.t("rss_description.group_posts", group_name: group.name)}"
@link = Discourse.base_url
@description = I18n.t("rss_description.group_posts", group_name: group.name)
render 'posts/latest', formats: [:rss]
end
def topics
group = find_group(:group_id)
posts = group.posts_for(guardian, params[:before_post_id]).where(post_number: 1).limit(20)
render_serialized posts.to_a, GroupPostSerializer
end
def mentions
group = find_group(:group_id)
posts = group.mentioned_posts_for(guardian, params[:before_post_id]).limit(20)
render_serialized posts.to_a, GroupPostSerializer
end
def mentions_feed
group = find_group(:group_id)
@posts = group.mentioned_posts_for(guardian).limit(50)
@title = "#{SiteSetting.title} - #{I18n.t("rss_description.group_mentions", group_name: group.name)}"
@link = Discourse.base_url
@description = I18n.t("rss_description.group_mentions", group_name: group.name)
render 'posts/latest', formats: [:rss]
end
def messages
group = find_group(:group_id)
posts = if guardian.can_see_group_messages?(group)
group.messages_for(guardian, params[:before_post_id]).where(post_number: 1).limit(20).to_a
else
[]
end
render_serialized posts, GroupPostSerializer
end
2014-02-06 13:06:19 -05:00
def members
2014-02-18 16:43:02 -05:00
group = find_group(:group_id)
limit = (params[:limit] || 50).to_i
offset = params[:offset].to_i
total = group.users.count
members = group.users.order('NOT group_users.owner').order(:username_lower).limit(limit).offset(offset)
owners = group.users.order(:username_lower).where('group_users.owner')
render json: {
members: serialize_data(members, GroupUserSerializer),
owners: serialize_data(owners, GroupUserSerializer),
meta: {
total: total,
limit: limit,
offset: offset
}
}
2014-02-06 13:06:19 -05:00
end
def add_members
group = Group.find(params[:id])
guardian.ensure_can_edit!(group)
if params[:usernames].present?
users = User.where(username: params[:usernames].split(","))
elsif params[:user_ids].present?
users = User.find(params[:user_ids].split(","))
elsif params[:user_emails].present?
users = User.where(email: params[:user_emails].split(","))
else
raise Discourse::InvalidParameters.new('user_ids or usernames or user_emails must be present')
end
users.each do |user|
if !group.users.include?(user)
group.add(user)
else
return render_json_error I18n.t('groups.errors.member_already_exist', username: user.username)
end
end
if group.save
render json: success_json
else
render_json_error(group)
end
end
def mentionable
group = find_group(:name)
if group
render json: { mentionable: Group.mentionable(current_user).where(id: group.id).present? }
else
raise Discourse::InvalidAccess.new
end
end
def remove_member
group = Group.find(params[:id])
guardian.ensure_can_edit!(group)
if params[:user_id].present?
user = User.find(params[:user_id])
elsif params[:username].present?
user = User.find_by_username(params[:username])
2016-10-18 05:10:47 -04:00
elsif params[:user_email].present?
user = User.find_by_email(params[:user_email])
else
raise Discourse::InvalidParameters.new('user_id or username must be present')
end
user.primary_group_id = nil if user.primary_group_id == group.id
group.users.delete(user.id)
if group.save && user.save
render json: success_json
else
render_json_error(group)
end
end
def set_notifications
group = find_group(:id)
notification_level = params.require(:notification_level)
GroupUser.where(group_id: group.id)
.where(user_id: current_user.id)
.update_all(notification_level: notification_level)
render json: success_json
end
2014-02-18 16:43:02 -05:00
private
def group_params
2016-12-05 03:18:24 -05:00
params.require(:group).permit(
:flair_url,
:flair_bg_color,
:flair_color,
:bio_raw,
:title
2016-12-05 03:18:24 -05:00
)
end
def find_group(param_name)
name = params.require(param_name)
group = Group.find_by("lower(name) = ?", name.downcase)
guardian.ensure_can_see!(group)
group
end
2014-02-18 16:43:02 -05:00
end