module MnoEnterprise::Concerns::Controllers::Jpi::V1::OrganizationsController
Public Instance Methods
create()
POST /mnoe/jpi/v1/organizations
# File lib/mno_enterprise/concerns/controllers/jpi/v1/organizations_controller.rb, line 55
# POST /mnoe/jpi/v1/organizations
#
# Creates an organization from the permitted :organization params, makes the
# caller its 'Super Admin', refreshes the caller's cache, writes an
# 'organization_create' audit event and renders the 'show' view.
#
# NOTE(review): this action contains no authorize! call; any restriction on
# who may create organizations has to come from filters that are not visible
# here -- confirm.
# NOTE(review): the result of Organization.create is not checked before
# add_user is called on it -- confirm how a failed create is meant to surface.
def create
  @organization = MnoEnterprise::Organization.create(organization_update_params)

  # The creator always becomes Super Admin of the new organization.
  @organization.add_user(current_user, 'Super Admin')

  # The user's cached data does not yet include the new organization.
  current_user.refresh_user_cache

  # `organization` resolves to the @organization assigned above (memoized helper).
  MnoEnterprise::EventLogger.info(
    'organization_create',
    current_user.id,
    'Organization created',
    organization
  )

  render 'show'
end
destroy()
DELETE /mnoe/jpi/v1/organizations/1
# File lib/mno_enterprise/concerns/controllers/jpi/v1/organizations_controller.rb, line 44
# DELETE /mnoe/jpi/v1/organizations/1
#
# Deletes the organization when the caller can see it and is allowed to
# :destroy it. Always answers 204 No Content, including when no organization
# matched, so the response does not reveal whether the id exists.
def destroy
  target = organization

  if target
    authorize! :destroy, target
    # The audit event is written before the deletion and the return value of
    # destroy is not inspected, so the event exists even if deletion fails.
    MnoEnterprise::EventLogger.info('organization_destroy', current_user.id, 'Organization deleted', target)
    target.destroy
  end

  head :no_content
end
index()
invite_members()
PUT /mnoe/jpi/v1/organizations/:id/invite_members
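# File lib/mno_enterprise/concerns/controllers/jpi/v1/organizations_controller.rb, line 104
# PUT /mnoe/jpi/v1/organizations/:id/invite_members
#
# Creates one OrgInvite per entry of params[:invites], emails each invitee,
# writes a 'user_invite' audit event per invite and renders the 'members' view.
#
# Raises CanCan::AccessDenied when the caller lacks :invite_member on the
# organization, or when a caller whose role is 'Admin' tries to invite someone
# as 'Super Admin'.
def invite_members
  # Authorize before looking at the payload.
  authorize! :invite_member, organization

  # Keep only the whitelisted keys of each invite. A missing :invites param is
  # treated as an empty list instead of failing with NoMethodError on nil.
  whitelist = ['email', 'role', 'team_id']
  invites = (params[:invites] || []).map { |invite| invite.slice(*whitelist) }

  # Same rule update_member enforces: an Admin cannot grant the Super Admin
  # role. Without this check the role could be handed out through a fresh
  # invitation. The whole batch is checked up front so that nothing is created
  # or emailed when the request is refused.
  if organization.role == 'Admin' && invites.any? { |invite| invite['role'] == 'Super Admin' }
    raise CanCan::AccessDenied
  end

  invites.each do |invite|
    @org_invite = organization.org_invites.create(
      user_email: invite['email'],
      user_role: invite['role'],
      team_id: invite['team_id'],
      referrer_id: current_user.id,
      notification_sent_at: Time.now
    )

    MnoEnterprise::SystemNotificationMailer.organization_invite(@org_invite).deliver_now
    MnoEnterprise::EventLogger.info('user_invite', current_user.id, 'User invited', @org_invite)
  end

  # Reload users
  organization.users.reload

  render 'members'
end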
remove_member()
PUT /mnoe/jpi/v1/organizations/:id/remove_member
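# File lib/mno_enterprise/concerns/controllers/jpi/v1/organizations_controller.rb, line 166
# PUT /mnoe/jpi/v1/organizations/:id/remove_member
#
# Removes a user from the organization, or cancels a pending invitation,
# depending on what `member` resolves to, writes a 'user_role_delete' audit
# event and renders the 'members' view. When no member matches, nothing is
# changed and the view is still rendered.
#
# Raises CanCan::AccessDenied when the caller lacks :invite_member on the
# organization, or when a caller whose role is 'Admin' targets a Super Admin.
def remove_member
  authorize! :invite_member, organization

  # Role held by the target user, or offered by the target invitation.
  target_role =
    case member
    when MnoEnterprise::User then member.role
    when MnoEnterprise::OrgInvite then member.user_role
    end

  # Same rule update_member enforces ("Admin cannot edit Super Admin"):
  # a lower-privileged Admin must not be able to remove a Super Admin or
  # cancel a Super Admin invitation.
  raise CanCan::AccessDenied if organization.role == 'Admin' && target_role == 'Super Admin'

  # NOTE(review): unlike update_member, nothing here stops the last Super Admin
  # from removing themselves -- confirm whether remove_user guards against it.
  if member.is_a?(MnoEnterprise::User)
    organization.remove_user(member)
    MnoEnterprise::EventLogger.info('user_role_delete', current_user.id, 'User removed from org', organization, {email: member.email})
  elsif member.is_a?(MnoEnterprise::OrgInvite)
    member.cancel!
    MnoEnterprise::EventLogger.info('user_role_delete', current_user.id, 'User removed from invitation', organization, {email: member.user_email})
  end

  render 'members'
end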
show()
GET /mnoe/jpi/v1/organizations/1
# File lib/mno_enterprise/concerns/controllers/jpi/v1/organizations_controller.rb, line 24
# GET /mnoe/jpi/v1/organizations/1
#
# Loads the requested organization into @organization. The `organization`
# helper only searches current_user.organizations, so an id belonging to
# another user's organization resolves to nil.
def show
  # Called for its memoizing side effect only.
  organization
end
update()
PUT /mnoe/jpi/v1/organizations/:id
# File lib/mno_enterprise/concerns/controllers/jpi/v1/organizations_controller.rb, line 29
# PUT /mnoe/jpi/v1/organizations/:id
#
# Applies the permitted :organization params, authorizes :update and saves.
# On success writes an 'organization_update' audit event carrying the changed
# attributes and renders 'show_reduced'; on failure renders the validation
# errors as JSON with status 400.
def update
  org = organization

  # Attributes are assigned (not saved) before authorize! runs, so the ability
  # check sees the record in its would-be state. Nothing is persisted unless
  # authorize! passes.
  org.assign_attributes(organization_update_params)
  authorize! :update, org

  # Captured before save so the audit event can record what was modified.
  pending_changes = org.changes

  saved = org.save
  if saved
    MnoEnterprise::EventLogger.info('organization_update', current_user.id, 'Organization update', org, pending_changes)
    render 'show_reduced'
  else
    render json: org.errors, status: :bad_request
  end
end
update_billing()
PUT /mnoe/jpi/v1/organizations/:id/update_billing
# File lib/mno_enterprise/concerns/controllers/jpi/v1/organizations_controller.rb, line 87
# PUT /mnoe/jpi/v1/organizations/:id/update_billing
#
# Updates the organization's credit card from the permitted :credit_card
# params after authorizing :manage_billing and checking the card type against
# the organization's payment restriction. Renders 'credit_card' when the card
# has no errors, otherwise the errors as JSON with status 400.
#
# NOTE(review): when organization.credit_card is nil the update is skipped and
# the later @credit_card.errors call is made on nil -- confirm the association
# always returns an object.
# NOTE(review): the params handled here include the card number and
# verification value -- confirm they are filtered from request logs.
def update_billing
  authorize! :manage_billing, organization

  @credit_card = organization.credit_card
  if @credit_card && check_valid_payment_method
    # organization_id is forced back to the card's current value so the
    # request cannot attach the card to a different organization.
    billing_attrs = organization_billing_params.merge(organization_id: @credit_card.organization_id)
    @credit_card.assign_attributes(billing_attrs)
    @credit_card.save
  end

  # Errors may come from the save or from check_valid_payment_method.
  if @credit_card.errors.empty?
    render 'credit_card'
  else
    render json: @credit_card.errors, status: :bad_request
  end
end
update_member()
PUT /mnoe/jpi/v1/organizations/:id/update_member
# File lib/mno_enterprise/concerns/controllers/jpi/v1/organizations_controller.rb, line 134 def update_member attributes = params[:member] # Authorize and update => Admin or Super Admin authorize! :invite_member, organization if organization.role == 'Admin' # Admin cannot assign Super Admin role raise CanCan::AccessDenied if attributes[:role] == 'Super Admin' # Admin cannot edit Super Admin raise CanCan::AccessDenied if (member.is_a?(MnoEnterprise::User) && member.role == 'Super Admin') || (member.is_a?(MnoEnterprise::OrgInvite) && member.user_role == 'Super Admin') elsif member.id == current_user.id && attributes[:role] != 'Super Admin' && organization.users.count {|u| u.role == 'Super Admin'} <= 1 # A super admin cannot modify his role if he's the last super admin raise CanCan::AccessDenied end # Happy Path case member when MnoEnterprise::User organization.users.update(id: member.id, role: attributes[:role]) MnoEnterprise::EventLogger.info('user_role_update', current_user.id, 'User role update in org', organization, {email: attributes[:email], role: attributes[:role]}) when MnoEnterprise::OrgInvite member.update(user_role: attributes[:role]) MnoEnterprise::EventLogger.info('user_role_update', current_user.id, 'User role update in invitation', organization, {email: attributes[:email], role: attributes[:role]}) end render 'members' end
Protected Instance Methods
check_valid_payment_method()
# File lib/mno_enterprise/concerns/controllers/jpi/v1/organizations_controller.rb, line 217
# Checks the submitted card number against the organization's payment
# restriction.
#
# Returns true when the organization has no restriction or the card matches
# one of the restricted brands; otherwise adds an error on :number of
# @credit_card and returns false.
def check_valid_payment_method
  return true if organization.payment_restriction.blank?

  detector = CreditCardValidations::Detector.new(organization_billing_params[:number])
  return true if detector.valid?(*organization.payment_restriction)

  # Human-readable list of the accepted brands for the error message.
  cards = organization.payment_restriction.map(&:capitalize).to_sentence
  @credit_card.errors.add(:number, "Payment is limited to #{cards} Card Holders")
  false
end
member()
# File lib/mno_enterprise/concerns/controllers/jpi/v1/organizations_controller.rb, line 181
# Resolves params[:member][:email] to a user of the organization or, failing
# that, to one of its active invitations. Memoized in @member; returns nil
# when neither matches.
#
# Both lookups go through `organization`, so an email can only resolve to a
# member or invite of the organization the request is about.
def member
  return @member if @member

  # require raises when :member or :email is missing from the request.
  email = params.require(:member).require(:email)

  # Organizations are already loaded with all users
  existing_user = organization.users.to_a.find { |user| user.email == email }
  @member = existing_user || organization.org_invites.active.where(user_email: email).first
end
organization()
# File lib/mno_enterprise/concerns/controllers/jpi/v1/organizations_controller.rb, line 190
# Returns the organization identified by params[:id], memoized in
# @organization, or nil when the current user has no such organization.
#
# The search is always made within current_user.organizations, never across
# all organizations, so an id outside the caller's own set is not resolved.
def organization
  return @organization if @organization

  scope = current_user.organizations
  @organization =
    if scope.loaded?
      # Already fetched: search in memory. Ids are compared as strings because
      # params[:id] arrives as a string.
      wanted_id = params[:id].to_s
      scope.to_a.find { |org| org.id.to_s == wanted_id }
    else
      # Not fetched yet: perform the remote query.
      scope.where(id: params[:id]).first
    end
end
organization_billing_params()
# File lib/mno_enterprise/concerns/controllers/jpi/v1/organizations_controller.rb, line 210
# Strong-parameter filter for billing updates: requires :credit_card and
# permits only the listed card and billing-address fields. organization_id is
# deliberately absent from the list.
#
# NOTE(review): 'number' and 'verification_value' are raw card data -- confirm
# they are excluded from logs and that the verification value is never stored.
def organization_billing_params
  permitted_keys = %w[
    title first_name last_name number month year country verification_value
    billing_address billing_city billing_postcode billing_country
  ]

  params.require(:credit_card).permit(*permitted_keys)
end
organization_management_enabled?()
# File lib/mno_enterprise/concerns/controllers/jpi/v1/organizations_controller.rb, line 229
# Answers 403 Forbidden when Settings.organization_management.enabled is
# falsy; does nothing otherwise.
#
# Despite the predicate-style name it does not return a boolean: the result is
# nil when the feature is enabled and the value of `head` when it is not.
# NOTE(review): presumably registered as a before_action -- the registration
# is not visible here; confirm which actions it covers.
def organization_management_enabled?
  feature_on = Settings.organization_management.enabled
  return if feature_on

  head :forbidden
end
organization_permitted_update_params()
# File lib/mno_enterprise/concerns/controllers/jpi/v1/organizations_controller.rb, line 202
# Attribute names a client may set on an organization through create/update.
# This list is the mass-assignment whitelist used by organization_update_params;
# anything not named here is dropped from the request.
def organization_permitted_update_params
  %i[name soa_enabled industry size financial_year_end_month]
end
organization_update_params()
# File lib/mno_enterprise/concerns/controllers/jpi/v1/organizations_controller.rb, line 206
# Strong-parameter filter for create/update: takes params[:organization]
# (an empty hash when the key is absent, so no error is raised) and keeps only
# the attributes listed by organization_permitted_update_params.
def organization_update_params
  submitted = params.fetch(:organization, {})
  submitted.permit(*organization_permitted_update_params)
end