trabajo-afectivo/app/controllers/organizations_controller.rb

361 lines
7.9 KiB
Ruby
Raw Normal View History

2016-10-19 03:11:36 +00:00
# Copyright (C) 2012-2016 Zammad Foundation, http://zammad-foundation.org/
2012-04-10 14:06:46 +00:00
class OrganizationsController < ApplicationController
prepend_before_action :authentication_check
2012-04-10 14:06:46 +00:00
=begin
Format:
JSON
Example:
{
"id":1,
"name":"Znuny GmbH",
"note":"",
"active":true,
"shared":true,
"updated_at":"2012-09-14T17:51:53Z",
"created_at":"2012-09-14T17:51:53Z",
"created_by_id":2,
}
=end
=begin
Resource:
GET /api/v1/organizations
Response:
[
{
"id": 1,
"name": "some_name1",
...
},
{
"id": 2,
"name": "some_name2",
...
}
]
Test:
curl http://localhost/api/v1/organizations -v -u #{login}:#{password}
=end
2012-04-10 14:06:46 +00:00
def index
offset = 0
per_page = 500
if params[:page] && params[:per_page]
offset = (params[:page].to_i - 1) * params[:per_page].to_i
per_page = params[:per_page].to_i
end
2013-07-19 14:21:44 +00:00
if per_page > 500
per_page = 500
end
2013-07-19 14:21:44 +00:00
# only allow customer to fetch his own organization
organizations = []
if !current_user.permissions?(['admin.organization', 'ticket.agent'])
2013-07-19 14:21:44 +00:00
if current_user.organization_id
organizations = Organization.where(id: current_user.organization_id).order(id: 'ASC').offset(offset).limit(per_page)
2013-07-19 14:21:44 +00:00
end
else
organizations = Organization.all.order(id: 'ASC').offset(offset).limit(per_page)
end
if response_expand?
list = []
organizations.each do |organization|
list.push organization.attributes_with_association_names
end
render json: list, status: :ok
return
end
if response_full?
assets = {}
item_ids = []
organizations.each do |item|
item_ids.push item.id
assets = item.assets(assets)
end
render json: {
record_ids: item_ids,
assets: assets,
}, status: :ok
return
2013-07-19 14:21:44 +00:00
end
list = []
organizations.each do |organization|
list.push organization.attributes_with_association_ids
end
render json: list
2012-04-10 14:06:46 +00:00
end
=begin
Resource:
GET /api/v1/organizations/#{id}
Response:
{
"id": 1,
"name": "name_1",
...
}
2012-04-10 14:06:46 +00:00
Test:
curl http://localhost/api/v1/organizations/#{id} -v -u #{login}:#{password}
=end
def show
2013-07-19 14:21:44 +00:00
# only allow customer to fetch his own organization
if !current_user.permissions?(['admin.organization', 'ticket.agent'])
2013-07-19 14:21:44 +00:00
if !current_user.organization_id
render json: {}
2013-07-19 14:21:44 +00:00
return
end
raise Exceptions::NotAuthorized if params[:id].to_i != current_user.organization_id
2013-07-19 14:21:44 +00:00
end
if response_expand?
organization = Organization.find(params[:id]).attributes_with_association_names
render json: organization, status: :ok
return
end
if response_full?
full = Organization.full(params[:id])
render json: full, status: :ok
return
end
model_show_render(Organization, params)
2012-04-10 14:06:46 +00:00
end
=begin
Resource:
POST /api/v1/organizations
Payload:
{
"name": "some_name",
"active": true,
"note": "some note",
"shared": true
}
Response:
{
"id": 1,
"name": "some_name",
...
}
Test:
curl http://localhost/api/v1/organizations -v -u #{login}:#{password} -H "Content-Type: application/json" -X POST -d '{"name": "some_name","active": true,"shared": true,"note": "some note"}'
=end
2012-04-10 14:06:46 +00:00
def create
permission_check(['admin.organization', 'ticket.agent'])
model_create_render(Organization, params)
2012-04-10 14:06:46 +00:00
end
=begin
Resource:
PUT /api/v1/organizations/{id}
Payload:
{
"id": 1
"name": "some_name",
"active": true,
"note": "some note",
"shared": true
}
2012-04-10 14:06:46 +00:00
Response:
{
"id": 1,
"name": "some_name",
...
}
Test:
curl http://localhost/api/v1/organizations -v -u #{login}:#{password} -H "Content-Type: application/json" -X PUT -d '{"id": 1,"name": "some_name","active": true,"shared": true,"note": "some note"}'
=end
def update
permission_check(['admin.organization', 'ticket.agent'])
model_update_render(Organization, params)
2012-04-10 14:06:46 +00:00
end
=begin
Resource:
DELETE /api/v1/organization/{id}
Response:
{}
Test:
curl http://localhost/api/v1/organization/{id} -v -u #{login}:#{password} -H "Content-Type: application/json" -X DELETE -d '{}'
=end
2012-04-10 14:06:46 +00:00
def destroy
permission_check(['admin.organization', 'ticket.agent'])
model_references_check(Organization, params)
model_destroy_render(Organization, params)
2012-04-10 14:06:46 +00:00
end
2014-07-22 09:00:29 +00:00
# GET /api/v1/organizations/search
def search
if !current_user.permissions?(['admin.organization', 'ticket.agent'])
raise Exceptions::NotAuthorized
end
per_page = params[:per_page] || params[:limit] || 100
per_page = per_page.to_i
if per_page > 500
per_page = 500
end
page = params[:page] || 1
page = page.to_i
offset = (page - 1) * per_page
2017-11-23 08:09:44 +00:00
query = params[:query]
if query.respond_to?(:permit!)
query = query.permit!.to_h
end
query_params = {
2017-11-23 08:09:44 +00:00
query: query,
limit: per_page,
offset: offset,
current_user: current_user,
}
2017-11-23 08:09:44 +00:00
if params[:role_ids].present?
query_params[:role_ids] = params[:role_ids]
end
# do query
organization_all = Organization.search(query_params)
if response_expand?
list = []
organization_all.each do |organization|
list.push organization.attributes_with_association_names
end
render json: list, status: :ok
return
end
# build result list
2016-09-11 13:24:10 +00:00
if params[:label]
organizations = []
organization_all.each do |organization|
2016-09-11 13:24:10 +00:00
a = { id: organization.id, label: organization.name, value: organization.name }
organizations.push a
end
# return result
render json: organizations
return
end
if response_full?
2016-09-11 13:24:10 +00:00
organization_ids = []
assets = {}
organization_all.each do |organization|
2016-09-11 13:24:10 +00:00
assets = organization.assets(assets)
organization_ids.push organization.id
end
2016-09-11 13:24:10 +00:00
# return result
render json: {
assets: assets,
organization_ids: organization_ids.uniq,
}
2016-09-11 14:02:15 +00:00
return
2016-09-11 13:24:10 +00:00
end
list = []
organization_all.each do |organization|
list.push organization.attributes_with_association_ids
end
2016-09-11 13:24:10 +00:00
render json: list, status: :ok
end
2014-07-22 09:00:29 +00:00
# GET /api/v1/organizations/history/1
def history
2016-01-27 18:26:10 +00:00
# permission check
if !current_user.permissions?(['admin.organization', 'ticket.agent'])
raise Exceptions::NotAuthorized
2014-07-22 09:00:29 +00:00
end
# get organization data
organization = Organization.find(params[:id])
2014-07-22 09:00:29 +00:00
# get history of organization
history = organization.history_get(true)
# return result
render json: history
2014-07-22 09:00:29 +00:00
end
# @path [GET] /organizations/import_example
#
# @summary Download of example CSV file.
# @notes The requester have 'admin.organization' permissions to be able to download it.
# @example curl -u 'me@example.com:test' http://localhost:3000/api/v1/organizations/import_example
#
# @response_message 200 File download.
# @response_message 401 Invalid session.
def import_example
permission_check('admin.organization')
send_data(
Organization.csv_example,
filename: 'organization-example.csv',
type: 'text/csv',
disposition: 'attachment'
)
end
# @path [POST] /organizations/import
#
# @summary Starts import.
# @notes The requester have 'admin.text_module' permissions to be create a new import.
# @example curl -u 'me@example.com:test' -F 'file=@/path/to/file/organizations.csv' 'https://your.zammad/api/v1/organizations/import?try=true'
# @example curl -u 'me@example.com:test' -F 'file=@/path/to/file/organizations.csv' 'https://your.zammad/api/v1/organizations/import'
#
# @response_message 201 Import started.
# @response_message 401 Invalid session.
def import_start
permission_check('admin.user')
result = Organization.csv_import(
string: params[:file].read.force_encoding('utf-8'),
parse_params: {
col_sep: ';',
},
try: params[:try],
)
render json: result, status: :ok
end
end