# JSON endpoints for User records under /v1/users: CRUD plus per-user
# listings (follows, reviews, learning objects, collections, likes).
class V1::UsersController < ApplicationController
  include ::FollowableController
  include ::DeletedObjectsController
  include ::Paginator

  # Filters run in declaration order: load the record, require a signed-in
  # user, then run the authorization check.
  #
  # NOTE(review): :update and :destroy require authentication but are absent
  # from the authorize_user list below. Unless a policy check is applied
  # somewhere outside this file, any signed-in user can reach them for any
  # :id -- confirm against ApplicationController and the user policy.
  before_action :set_user, only: %i[show update destroy following own_reviews received_reviews learning_objects collections liked]
  before_action :authenticate_user!, only: %i[create update destroy following own_reviews received_reviews learning_objects collections liked]
  before_action :authorize_user, only: %i[own_reviews received_reviews learning_objects collections liked]

  # GET /v1/users
  # GET /v1/users.json
  #
  # Not covered by authenticate_user!; the fields exposed depend on the
  # serializer, which is not visible here.
  def index
    render json: paginate(User)
  end

  # GET /v1/users/1
  # GET /v1/users/1.json
  #
  # Not covered by authenticate_user! either.
  def show
    render json: @user
  end

  # POST /v1/users
  # POST /v1/users.json
  #
  # Responds 201 with the new user, or 422 with the validation errors.
  def create
    user = User.new(user_params)
    return render json: user, status: :created if user.save

    render json: user.errors, status: :unprocessable_entity
  end

  # PUT/PATCH /v1/users/1
  # PUT/PATCH /v1/users/1.json
  #
  # Responds 200 with the updated user, or 422 with the validation errors.
  # See the NOTE(review) on user_params about role_ids.
  def update
    return render json: @user, status: :ok if @user.update(user_params)

    render json: @user.errors, status: :unprocessable_entity
  end

  # DELETE /v1/users/1
  # DELETE /v1/users/1.json
  #
  # The only check made here is that the caller is not deleting their own
  # account (403 in that case); any other target is destroyed.
  def destroy
    return render status: :forbidden if current_user == @user

    @user.destroy
    render status: :ok
  end

  # Lists what @user follows, restricted to the object types User and
  # Collection; any other object_type gets 400.
  def following
    object_type = params[:object_type]
    # nil when there is no current_user, otherwise whether the caller is
    # looking at their own record.
    viewing_self = current_user.nil? ? nil : (@user.id == current_user.id)
    return render status: :bad_request unless %w[User Collection].include?(object_type)

    follows = @user.following(object_type, viewing_self)
    render json: follows, root: 'follows', status: :ok
  end

  # Reviews returned by @user.own_reviews.
  def own_reviews
    render json: @user.own_reviews
  end

  # Reviews returned by @user.received_reviews.
  def received_reviews
    render json: @user.received_reviews
  end

  # Learning objects whose publisher is @user.
  def learning_objects
    render json: LearningObject.where(publisher: @user)
  end

  # Collections whose owner is @user.
  def collections
    render json: Collection.where(owner: @user)
  end

  # Learning objects @user has liked, with their associations eager-loaded.
  def liked
    # TODO: if it turns to be a bottleneck, write your pretty SQL :)
    eager_loaded = %i[taggings tags subject_relations subjects stage_relations educational_stages publisher language license]
    liked_ids = Like.where(user: @user, likeable_type: 'LearningObject').pluck(:likeable_id)
    render json: LearningObject.includes(eager_loaded).find(liked_ids)
  end

  private

  # Model class this controller manages; presumably the hook read by
  # DeletedObjectsController -- confirm.
  def deleted_resource
    User
  end

  # Loads and returns the user named by params[:id]; presumably the hook
  # read by FollowableController -- confirm.
  def followable
    set_user
  end

  # Runs the authorization check on the loaded user (looks like Pundit's
  # `authorize`, which picks the policy query from the action -- confirm).
  def authorize_user
    authorize @user
  end

  # Loads the user named by params[:id] into @user.
  def set_user
    @user = User.find(params[:id])
  end

  # Strong-parameters whitelist for create and update: only the listed
  # attributes are taken from the request.
  #
  # NOTE(review): role_ids is accepted from the client on both create and
  # update, and neither action is in the authorize_user filter list.
  # Confirm that role assignment is limited to privileged callers elsewhere
  # (policy or model), otherwise restrict this key to them.
  def user_params
    params.require(:user).permit(:name, :email, :description, :password, :password_confirmation, :terms_of_service, :avatar, role_ids: [])
  end
end