discourse/app/controllers/groups_controller.rb

class GroupsController < ApplicationController

  def show
    render_serialized(find_group(:id), BasicGroupSerializer)
  end

  def counts
    group = find_group(:group_id)

    counts = {
      posts: group.posts_for(guardian).count,
      topics: group.posts_for(guardian).where(post_number: 1).count,
      mentions: group.mentioned_posts_for(guardian).count,
      members: group.users.count,
    }

    if guardian.can_see_group_messages?(group)
      counts[:messages] = group.messages_for(guardian).where(post_number: 1).count
    end

    render json: { counts: counts }
  end

  def posts
    group = find_group(:group_id)
    posts = group.posts_for(guardian, params[:before_post_id]).limit(20)
    render_serialized posts.to_a, GroupPostSerializer
  end

  def topics
    group = find_group(:group_id)
    posts = group.posts_for(guardian, params[:before_post_id]).where(post_number: 1).limit(20)
    render_serialized posts.to_a, GroupPostSerializer
  end

  def mentions
    group = find_group(:group_id)
    posts = group.mentioned_posts_for(guardian, params[:before_post_id]).limit(20)
    render_serialized posts.to_a, GroupPostSerializer
  end

  def messages
    group = find_group(:group_id)
    posts = if guardian.can_see_group_messages?(group)
      group.messages_for(guardian, params[:before_post_id]).where(post_number: 1).limit(20).to_a
    else
      []
    end
    render_serialized posts, GroupPostSerializer
  end

  def members
    group = find_group(:group_id)

    limit = (params[:limit] || 50).to_i
    offset = params[:offset].to_i

    total = group.users.count
    members = group.users.order('NOT group_users.owner').order(:username_lower).limit(limit).offset(offset)
    owners = group.users.order(:username_lower).where('group_users.owner')

    render json: {
      members: serialize_data(members, GroupUserSerializer),
      owners: serialize_data(owners, GroupUserSerializer),
      meta: {
        total: total,
        limit: limit,
        offset: offset
      }
    }
  end

  def add_members
    group = Group.find(params[:id])
    guardian.ensure_can_edit!(group)

    if params[:usernames].present?
      users = User.where(username: params[:usernames].split(","))
    elsif params[:user_ids].present?
      users = User.find(params[:user_ids].split(","))
    elsif params[:user_emails].present?
      users = User.where(email: params[:user_emails].split(","))
    else
      raise Discourse::InvalidParameters.new('user_ids or usernames or user_emails must be present')
    end

    users.each do |user|
      if !group.users.include?(user)
        group.add(user)
      else
        return render_json_error I18n.t('groups.errors.member_already_exist', username: user.username)
      end
    end

    if group.save
      render json: success_json
    else
      render_json_error(group)
    end
  end

  def remove_member
    group = Group.find(params[:id])
    guardian.ensure_can_edit!(group)

    if params[:user_id].present?
      user = User.find(params[:user_id])
    elsif params[:username].present?
      user = User.find_by_username(params[:username])
    else
      raise Discourse::InvalidParameters.new('user_id or username must be present')
    end

    user.primary_group_id = nil if user.primary_group_id == group.id

    group.users.delete(user.id)

    if group.save && user.save
      render json: success_json
    else
      render_json_error(group)
    end

  end

  private

    def find_group(param_name)
      name = params.require(param_name)
      group = Group.find_by("lower(name) = ?", name.downcase)
      guardian.ensure_can_see!(group)
      group
    end

end
Client and Server side routes for a Group 2014-01-30 17:10:36 -05:00			`class GroupsController < ApplicationController`

			`def show`
Use lower case group names in URLs 2014-02-18 16:43:02 -05:00			`render_serialized(find_group(:id), BasicGroupSerializer)`
Client and Server side routes for a Group 2014-01-30 17:10:36 -05:00			`end`

Include members count on groups page. 2014-02-18 16:17:04 -05:00			`def counts`
Use lower case group names in URLs 2014-02-18 16:43:02 -05:00			`group = find_group(:group_id)`
FEATURE: allow group members to see all messages on group page 2015-12-07 17:19:33 -05:00
			`counts = {`
			`posts: group.posts_for(guardian).count,`
			`topics: group.posts_for(guardian).where(post_number: 1).count,`
			`mentions: group.mentioned_posts_for(guardian).count,`
			`members: group.users.count,`
			`}`

			`if guardian.can_see_group_messages?(group)`
			`counts[:messages] = group.messages_for(guardian).where(post_number: 1).count`
			`end`

			`render json: { counts: counts }`
FEATURE: Show the posts count on the groups page. It seems a bit odd that it uses a new AJAX call, but I wanted to keep the count separate from the group object itself. 2014-02-12 14:00:45 -05:00			`end`

FEATURE: First stab at groups page with member list 2014-02-07 10:44:03 -05:00			`def posts`
Use lower case group names in URLs 2014-02-18 16:43:02 -05:00			`group = find_group(:group_id)`
FEATURE: Show the posts count on the groups page. It seems a bit odd that it uses a new AJAX call, but I wanted to keep the count separate from the group object itself. 2014-02-12 14:00:45 -05:00			`posts = group.posts_for(guardian, params[:before_post_id]).limit(20)`
FEATURE: First stab at groups page with member list 2014-02-07 10:44:03 -05:00			`render_serialized posts.to_a, GroupPostSerializer`
			`end`

FEATURE: show group mentions and topics in groups page 2015-12-01 00:52:43 -05:00			`def topics`
			`group = find_group(:group_id)`
			`posts = group.posts_for(guardian, params[:before_post_id]).where(post_number: 1).limit(20)`
			`render_serialized posts.to_a, GroupPostSerializer`
			`end`

			`def mentions`
			`group = find_group(:group_id)`
			`posts = group.mentioned_posts_for(guardian, params[:before_post_id]).limit(20)`
			`render_serialized posts.to_a, GroupPostSerializer`
			`end`

FEATURE: allow group members to see all messages on group page 2015-12-07 17:19:33 -05:00			`def messages`
			`group = find_group(:group_id)`
			`posts = if guardian.can_see_group_messages?(group)`
			`group.messages_for(guardian, params[:before_post_id]).where(post_number: 1).limit(20).to_a`
			`else`
			`[]`
			`end`
			`render_serialized posts, GroupPostSerializer`
			`end`
FEATURE: show group mentions and topics in groups page 2015-12-01 00:52:43 -05:00
More templates for the group page 2014-02-06 13:06:19 -05:00			`def members`
Use lower case group names in URLs 2014-02-18 16:43:02 -05:00			`group = find_group(:group_id)`
use limit & offset for pagination of group members 2014-11-24 15:12:48 -05:00
FIX: proper handling of group memberships 2015-01-05 12:51:45 -05:00			`limit = (params[:limit] \|\| 50).to_i`
			`offset = params[:offset].to_i`

			`total = group.users.count`
FEATURE: support group owner, capable of controlling group membership Group owners are regular users that can add or remove users to a group The Admin UX allows admins to appoint group owners The public group UX will display group owners first and unlock UI to add and remove members Group owners can only be appointed on non automatic groups Group owners may not appoint another group owner 2015-11-09 08:52:04 -05:00			`members = group.users.order('NOT group_users.owner').order(:username_lower).limit(limit).offset(offset)`
			`owners = group.users.order(:username_lower).where('group_users.owner')`
FIX: proper handling of group memberships 2015-01-05 12:51:45 -05:00
			`render json: {`
			`members: serialize_data(members, GroupUserSerializer),`
FEATURE: support group owner, capable of controlling group membership Group owners are regular users that can add or remove users to a group The Admin UX allows admins to appoint group owners The public group UX will display group owners first and unlock UI to add and remove members Group owners can only be appointed on non automatic groups Group owners may not appoint another group owner 2015-11-09 08:52:04 -05:00			`owners: serialize_data(owners, GroupUserSerializer),`
FIX: proper handling of group memberships 2015-01-05 12:51:45 -05:00			`meta: {`
			`total: total,`
			`limit: limit,`
			`offset: offset`
			`}`
			`}`
More templates for the group page 2014-02-06 13:06:19 -05:00			`end`

table & model changes for group managers with permission to edit membership 2015-01-08 18:35:52 -05:00			`def add_members`
FEATURE: support group owner, capable of controlling group membership Group owners are regular users that can add or remove users to a group The Admin UX allows admins to appoint group owners The public group UX will display group owners first and unlock UI to add and remove members Group owners can only be appointed on non automatic groups Group owners may not appoint another group owner 2015-11-09 08:52:04 -05:00			`group = Group.find(params[:id])`
			`guardian.ensure_can_edit!(group)`

			`if params[:usernames].present?`
			`users = User.where(username: params[:usernames].split(","))`
			`elsif params[:user_ids].present?`
			`users = User.find(params[:user_ids].split(","))`
			`elsif params[:user_emails].present?`
			`users = User.where(email: params[:user_emails].split(","))`
			`else`
			`raise Discourse::InvalidParameters.new('user_ids or usernames or user_emails must be present')`
			`end`

			`users.each do \|user\|`
			`if !group.users.include?(user)`
			`group.add(user)`
			`else`
			`return render_json_error I18n.t('groups.errors.member_already_exist', username: user.username)`
table & model changes for group managers with permission to edit membership 2015-01-08 18:35:52 -05:00			`end`
			`end`

FEATURE: support group owner, capable of controlling group membership Group owners are regular users that can add or remove users to a group The Admin UX allows admins to appoint group owners The public group UX will display group owners first and unlock UI to add and remove members Group owners can only be appointed on non automatic groups Group owners may not appoint another group owner 2015-11-09 08:52:04 -05:00			`if group.save`
			`render json: success_json`
			`else`
			`render_json_error(group)`
			`end`
table & model changes for group managers with permission to edit membership 2015-01-08 18:35:52 -05:00			`end`

			`def remove_member`
FEATURE: support group owner, capable of controlling group membership Group owners are regular users that can add or remove users to a group The Admin UX allows admins to appoint group owners The public group UX will display group owners first and unlock UI to add and remove members Group owners can only be appointed on non automatic groups Group owners may not appoint another group owner 2015-11-09 08:52:04 -05:00			`group = Group.find(params[:id])`
			`guardian.ensure_can_edit!(group)`

			`if params[:user_id].present?`
			`user = User.find(params[:user_id])`
			`elsif params[:username].present?`
			`user = User.find_by_username(params[:username])`
			`else`
			`raise Discourse::InvalidParameters.new('user_id or username must be present')`
			`end`

			`user.primary_group_id = nil if user.primary_group_id == group.id`

			`group.users.delete(user.id)`
table & model changes for group managers with permission to edit membership 2015-01-08 18:35:52 -05:00
FEATURE: support group owner, capable of controlling group membership Group owners are regular users that can add or remove users to a group The Admin UX allows admins to appoint group owners The public group UX will display group owners first and unlock UI to add and remove members Group owners can only be appointed on non automatic groups Group owners may not appoint another group owner 2015-11-09 08:52:04 -05:00			`if group.save && user.save`
			`render json: success_json`
			`else`
			`render_json_error(group)`
table & model changes for group managers with permission to edit membership 2015-01-08 18:35:52 -05:00			`end`

			`end`

Use lower case group names in URLs 2014-02-18 16:43:02 -05:00			`private`

FIX: proper handling of group memberships 2015-01-05 12:51:45 -05:00			`def find_group(param_name)`
			`name = params.require(param_name)`
			`group = Group.find_by("lower(name) = ?", name.downcase)`
			`guardian.ensure_can_see!(group)`
			`group`
			`end`
Use lower case group names in URLs 2014-02-18 16:43:02 -05:00
Client and Server side routes for a Group 2014-01-30 17:10:36 -05:00			`end`