mno-enterprise-api 3.3.3 → 3.4.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +5 -5
- data/app/controllers/mno_enterprise/jpi/v1/admin/impac/dashboards_controller.rb +105 -0
- data/app/controllers/mno_enterprise/jpi/v1/admin/impac/widgets_controller.rb +20 -8
- data/app/controllers/mno_enterprise/jpi/v1/admin/invoices_controller.rb +1 -1
- data/app/controllers/mno_enterprise/jpi/v1/admin/organizations_controller.rb +1 -140
- data/app/controllers/mno_enterprise/jpi/v1/admin/sub_tenants_controller.rb +64 -0
- data/app/controllers/mno_enterprise/jpi/v1/admin/users_controller.rb +30 -20
- data/app/views/mno_enterprise/jpi/v1/admin/impac/dashboards/_dashboard.json.jbuilder +12 -0
- data/app/views/mno_enterprise/jpi/v1/admin/impac/dashboards/index.json.jbuilder +1 -0
- data/app/views/mno_enterprise/jpi/v1/admin/impac/dashboards/show.json.jbuilder +1 -0
- data/app/views/mno_enterprise/jpi/v1/admin/impac/widgets/_widget.json.jbuilder +1 -0
- data/app/views/mno_enterprise/jpi/v1/admin/organizations/_organization.json.jbuilder +1 -1
- data/app/views/mno_enterprise/jpi/v1/admin/sub_tenants/_sub_tenant.json.jbuilder +1 -0
- data/app/views/mno_enterprise/jpi/v1/admin/sub_tenants/index.json.jbuilder +2 -0
- data/app/views/mno_enterprise/jpi/v1/admin/sub_tenants/show.json.jbuilder +12 -0
- data/app/views/mno_enterprise/jpi/v1/admin/users/_user.json.jbuilder +1 -1
- data/app/views/mno_enterprise/jpi/v1/admin/users/show.json.jbuilder +5 -5
- data/app/views/mno_enterprise/jpi/v1/current_users/show.json.jbuilder +4 -2
- data/app/views/mno_enterprise/jpi/v1/impac/widgets/_widget.json.jbuilder +1 -0
- data/app/views/mno_enterprise/jpi/v1/organizations/_organization.json.jbuilder +1 -1
- data/config/routes.rb +9 -1
- data/lib/mno_enterprise/concerns/controllers/jpi/v1/admin/organizations_controller.rb +159 -0
- data/lib/mno_enterprise/concerns/controllers/jpi/v1/impac/alerts_controller.rb +3 -6
- data/lib/mno_enterprise/concerns/controllers/jpi/v1/impac/dashboards_controller.rb +29 -38
- data/lib/mno_enterprise/concerns/controllers/jpi/v1/impac/kpis_controller.rb +7 -8
- data/lib/mno_enterprise/concerns/controllers/jpi/v1/impac/widgets_controller.rb +14 -2
- data/lib/mno_enterprise/concerns/controllers/jpi/v1/organizations_controller.rb +1 -1
- data/spec/controllers/mno_enterprise/jpi/v1/admin/impac/dashboard_controller_spec.rb +149 -0
- data/spec/controllers/mno_enterprise/jpi/v1/admin/impac/dashboard_templates_controller_spec.rb +151 -139
- data/spec/controllers/mno_enterprise/jpi/v1/admin/impac/kpis_controller_spec.rb +95 -69
- data/spec/controllers/mno_enterprise/jpi/v1/admin/impac/widgets_controller_spec.rb +169 -81
- data/spec/controllers/mno_enterprise/jpi/v1/admin/invoices_controller_spec.rb +1 -1
- data/spec/controllers/mno_enterprise/jpi/v1/admin/organizations_controller_spec.rb +2 -1
- data/spec/controllers/mno_enterprise/jpi/v1/admin/sub_tenants_controller_spec.rb +172 -0
- data/spec/controllers/mno_enterprise/jpi/v1/admin/users_controller_spec.rb +29 -12
- data/spec/controllers/mno_enterprise/jpi/v1/current_users_controller_spec.rb +4 -2
- data/spec/controllers/mno_enterprise/jpi/v1/impac/dashboards_controller_spec.rb +26 -15
- data/spec/controllers/mno_enterprise/jpi/v1/impac/kpis_controller_spec.rb +11 -7
- data/spec/routing/mno_enterprise/jpi/v1/admin/impac/dashboards_controller_routing_spec.rb +28 -0
- data/spec/routing/mno_enterprise/jpi/v1/impac/dashboards_controller_routing_spec.rb +4 -0
- metadata +85 -70
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
|
-
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
2
|
+
SHA256:
|
3
|
+
metadata.gz: 7290fdf449f59fbeb71e5640c79c6d225d2c51e83c799c054985de5bf9f348c3
|
4
|
+
data.tar.gz: 664d0e7bfdbadab11c4b02c99bcf2aab9f83e5d760afe12ddcda99b847f87aba
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: a47f6e4ce122b6604805fd94c4230ed90d304a0b7240ca57841b0740c7836e8e13a2aeb9de8ae4231a5b3d52259c9638170f2975a3c7a3711e628472b5a1581a
|
7
|
+
data.tar.gz: e854f824bd91dd97c017747d37fc7b8c6f0c2c16c996c401c945e724285d8ce4c817fe79efeb7b1b08f5f0e5ccbddb505c86df3bdf36eace070370309bb72c23
|
@@ -0,0 +1,105 @@
|
|
1
|
+
module MnoEnterprise
|
2
|
+
# TODO: DRY with dashboard templates?
|
3
|
+
class Jpi::V1::Admin::Impac::DashboardsController < Jpi::V1::Admin::BaseResourceController
|
4
|
+
# GET /mnoe/jpi/v1/admin/impac/dashboards
|
5
|
+
def index
|
6
|
+
if params[:where]
|
7
|
+
data_source = params[:where].delete(:data_sources)
|
8
|
+
params[:where]['settings.like'] = "%#{data_source}%"
|
9
|
+
end
|
10
|
+
|
11
|
+
@dashboards = MnoEnterprise::Impac::Dashboard
|
12
|
+
@dashboards = @dashboards.limit(params[:limit]) if params[:limit]
|
13
|
+
@dashboards = @dashboards.skip(params[:offset]) if params[:offset]
|
14
|
+
@dashboards = @dashboards.order_by(params[:order_by]) if params[:order_by]
|
15
|
+
@dashboards = @dashboards.where(params[:where]) if params[:where]
|
16
|
+
@dashboards = @dashboards.where(owner_type: 'User', owner_id: current_user.id)
|
17
|
+
@dashboards = @dashboards.all.fetch
|
18
|
+
|
19
|
+
response.headers['X-Total-Count'] = @dashboards.metadata[:pagination][:count]
|
20
|
+
end
|
21
|
+
|
22
|
+
# POST /mnoe/jpi/v1/admin/impac/dashboard
|
23
|
+
def create
|
24
|
+
@dashboard = MnoEnterprise::Impac::Dashboard.new(dashboard_params)
|
25
|
+
|
26
|
+
# Abort on failure
|
27
|
+
unless @dashboard.save
|
28
|
+
return render json: { errors: dashboard.errors }, status: :bad_request
|
29
|
+
end
|
30
|
+
|
31
|
+
MnoEnterprise::EventLogger.info('dashboard_create', current_user.id, 'Dashboard Creation', @dashboard)
|
32
|
+
render :show
|
33
|
+
end
|
34
|
+
|
35
|
+
# PATCH/PUT /mnoe/jpi/v1/admin/impac/dashboards/1
|
36
|
+
def update
|
37
|
+
return render json: { errors: { message: 'Dashboard not found' } }, status: :not_found unless dashboard
|
38
|
+
|
39
|
+
# Abort on failure
|
40
|
+
unless dashboard.update(dashboard_params)
|
41
|
+
return render json: { errors: dashboard.errors }, status: :bad_request
|
42
|
+
end
|
43
|
+
|
44
|
+
MnoEnterprise::EventLogger.info('dashboard_update', current_user.id, 'Dashboard Update', dashboard)
|
45
|
+
render :show
|
46
|
+
end
|
47
|
+
|
48
|
+
# DELETE /mnoe/jpi/v1/admin/impac/dashboards/1
|
49
|
+
def destroy
|
50
|
+
return render json: { errors: { message: 'Dashboard not found' } }, status: :not_found unless dashboard
|
51
|
+
|
52
|
+
# Abort on failure
|
53
|
+
unless dashboard.destroy
|
54
|
+
return render json: { errors: 'Cannot destroy dashboard' }, status: :bad_request
|
55
|
+
end
|
56
|
+
|
57
|
+
MnoEnterprise::EventLogger.info('dashboard_delete', current_user.id, 'Dashboard Deletion', dashboard)
|
58
|
+
head status: :ok
|
59
|
+
end
|
60
|
+
|
61
|
+
# Allows to create a dashboard using another dashboard as a source
|
62
|
+
# At the moment, only dashboards of type "template" can be copied
|
63
|
+
# Ultimately we could allow the creation of dashboards from any other dashboard
|
64
|
+
# ---------------------------------
|
65
|
+
# POST mnoe/jpi/v1/admin/impac/dashboards/1/copy
|
66
|
+
def copy
|
67
|
+
render json: { errors: { message: 'Dashboard template not found' } }, status: :not_found unless template
|
68
|
+
|
69
|
+
# Owner is the current user by default, can be overriden to something else (eg: current organization)
|
70
|
+
@dashboard = template.copy(current_user, dashboard_params[:name], dashboard_params[:organization_ids])
|
71
|
+
|
72
|
+
unless @dashboard.present?
|
73
|
+
return render json: { errors: 'Cannot copy template' }, status: :bad_request
|
74
|
+
end
|
75
|
+
|
76
|
+
render :show
|
77
|
+
end
|
78
|
+
|
79
|
+
protected
|
80
|
+
|
81
|
+
def dashboard
|
82
|
+
# Staff dashboard is scoped to current staff
|
83
|
+
@dashboard ||= MnoEnterprise::Impac::Dashboard.find_by(id: params[:id], owner_type: 'User', owner_id: current_user.id)
|
84
|
+
end
|
85
|
+
|
86
|
+
def template
|
87
|
+
# Templates are available to all staff
|
88
|
+
@template ||= MnoEnterprise::Impac::Dashboard.templates.find(params[:id])
|
89
|
+
end
|
90
|
+
|
91
|
+
def whitelisted_params
|
92
|
+
[:name, :currency, { widgets_order: [] }, { organization_ids: [] }]
|
93
|
+
end
|
94
|
+
|
95
|
+
# Allows all metadata attrs to be permitted, and maps it to :settings
|
96
|
+
# for the Her "meta_data" issue.
|
97
|
+
def dashboard_params
|
98
|
+
params.require(:dashboard).permit(*whitelisted_params).tap do |whitelisted|
|
99
|
+
whitelisted[:settings] = params[:dashboard][:metadata] || {}
|
100
|
+
end
|
101
|
+
.except(:metadata)
|
102
|
+
.merge(owner_type: 'User', owner_id: current_user.id)
|
103
|
+
end
|
104
|
+
end
|
105
|
+
end
|
@@ -1,18 +1,20 @@
|
|
1
1
|
module MnoEnterprise
|
2
2
|
# From the Admin panel, an admin can:
|
3
|
+
# - add widgets to staff dashboards (passing the dashboard id)
|
3
4
|
# - add widgets to template dashboards (passing the dashboard template id)
|
4
5
|
# - update any widget (passing its id)
|
5
6
|
# - delete any widget (passing its id)
|
6
7
|
class Jpi::V1::Admin::Impac::WidgetsController < Jpi::V1::Admin::BaseResourceController
|
7
8
|
|
8
9
|
# POST /mnoe/jpi/v1/admin/impac/dashboard_templates/:id/widgets
|
10
|
+
# POST /mnoe/jpi/v1/admin/impac/dashboards/:id/widgets
|
9
11
|
def create
|
10
|
-
return render json: { errors: { message:
|
12
|
+
return render json: { errors: { message: "#{container} not found" } }, status: :not_found unless dashboard.present?
|
11
13
|
|
12
|
-
@widget =
|
14
|
+
@widget = dashboard.widgets.create(widget_create_params)
|
13
15
|
return render json: { errors: (widget && widget.errors).to_a }, status: :bad_request unless widget.present? && widget.valid?
|
14
16
|
|
15
|
-
MnoEnterprise::EventLogger.info('widget_create', current_user.id,
|
17
|
+
MnoEnterprise::EventLogger.info('widget_create', current_user.id, "#{container} Widget Creation", widget)
|
16
18
|
@no_content = true
|
17
19
|
render 'show'
|
18
20
|
end
|
@@ -23,7 +25,7 @@ module MnoEnterprise
|
|
23
25
|
return render json: { errors: 'Cannot update widget' }, status: :bad_request
|
24
26
|
end
|
25
27
|
|
26
|
-
MnoEnterprise::EventLogger.info('widget_update', current_user.id,
|
28
|
+
MnoEnterprise::EventLogger.info('widget_update', current_user.id, "#{container} Widget Update", widget)
|
27
29
|
@nocontent = !params['metadata']
|
28
30
|
render 'show'
|
29
31
|
end
|
@@ -34,14 +36,23 @@ module MnoEnterprise
|
|
34
36
|
return render json: { errors: 'Cannot delete widget' }, status: :bad_request
|
35
37
|
end
|
36
38
|
|
37
|
-
MnoEnterprise::EventLogger.info('widget_delete', current_user.id,
|
39
|
+
MnoEnterprise::EventLogger.info('widget_delete', current_user.id, "#{container} Widget Deletion", widget)
|
38
40
|
head status: :ok
|
39
41
|
end
|
40
42
|
|
41
43
|
private
|
42
44
|
|
43
|
-
def
|
44
|
-
|
45
|
+
def dashboard
|
46
|
+
@dashboard ||= if params[:dashboard_template_id]
|
47
|
+
MnoEnterprise::Impac::Dashboard.templates.find(params[:dashboard_template_id])
|
48
|
+
elsif params[:dashboard_id]
|
49
|
+
MnoEnterprise::Impac::Dashboard.find_by(id: params[:dashboard_id], owner_type: 'User', owner_id: current_user.id)
|
50
|
+
end
|
51
|
+
end
|
52
|
+
|
53
|
+
# Used to customise the error message
|
54
|
+
def container
|
55
|
+
params[:dashboard_template_id] ? 'Dashboard template' : 'Dashboard'
|
45
56
|
end
|
46
57
|
|
47
58
|
def widget
|
@@ -49,7 +60,8 @@ module MnoEnterprise
|
|
49
60
|
end
|
50
61
|
|
51
62
|
def widget_create_params
|
52
|
-
|
63
|
+
permitted_attrs = [:endpoint, :name, :width, { layouts: [] }]
|
64
|
+
params.require(:widget).permit(*permitted_attrs).tap do |whitelisted|
|
53
65
|
whitelisted[:settings] = params[:widget][:metadata] || {}
|
54
66
|
# TODO: remove when all deployed versions of Impac! Angular will be above v1.5.0
|
55
67
|
# When this is done:
|
@@ -1,144 +1,5 @@
|
|
1
1
|
module MnoEnterprise
|
2
2
|
class Jpi::V1::Admin::OrganizationsController < Jpi::V1::Admin::BaseResourceController
|
3
|
-
|
4
|
-
# GET /mnoe/jpi/v1/admin/organizations
|
5
|
-
def index
|
6
|
-
if params[:terms]
|
7
|
-
# Search mode
|
8
|
-
@organizations = []
|
9
|
-
JSON.parse(params[:terms]).map { |t| @organizations = @organizations | MnoEnterprise::Organization.where(Hash[*t]).fetch }
|
10
|
-
response.headers['X-Total-Count'] = @organizations.count
|
11
|
-
else
|
12
|
-
# Index mode
|
13
|
-
@organizations = MnoEnterprise::Organization
|
14
|
-
@organizations = @organizations.limit(params[:limit]) if params[:limit]
|
15
|
-
@organizations = @organizations.skip(params[:offset]) if params[:offset]
|
16
|
-
@organizations = @organizations.order_by(params[:order_by]) if params[:order_by]
|
17
|
-
@organizations = @organizations.where(params[:where]) if params[:where]
|
18
|
-
@organizations = @organizations.all.fetch
|
19
|
-
response.headers['X-Total-Count'] = @organizations.metadata[:pagination][:count]
|
20
|
-
end
|
21
|
-
end
|
22
|
-
|
23
|
-
# GET /mnoe/jpi/v1/admin/organizations/1
|
24
|
-
def show
|
25
|
-
@organization = MnoEnterprise::Organization.find(params[:id])
|
26
|
-
@organization_active_apps = @organization.app_instances.active.to_a
|
27
|
-
end
|
28
|
-
|
29
|
-
# GET /mnoe/jpi/v1/admin/organizations/in_arrears
|
30
|
-
def in_arrears
|
31
|
-
@arrears = MnoEnterprise::ArrearsSituation.all.fetch
|
32
|
-
end
|
33
|
-
|
34
|
-
# GET /mnoe/jpi/v1/admin/organizations/count
|
35
|
-
def count
|
36
|
-
organizations_count = MnoEnterprise::Tenant.get('tenant').organizations_count
|
37
|
-
render json: {count: organizations_count }
|
38
|
-
end
|
39
|
-
|
40
|
-
# POST /mnoe/jpi/v1/admin/organizations
|
41
|
-
def create
|
42
|
-
# Create new organization
|
43
|
-
@organization = MnoEnterprise::Organization.create(organization_update_params)
|
44
|
-
|
45
|
-
# OPTIMIZE: move this into a delayed job?
|
46
|
-
update_app_list
|
47
|
-
|
48
|
-
@organization_active_apps = @organization.app_instances
|
49
|
-
|
50
|
-
render 'show'
|
51
|
-
end
|
52
|
-
|
53
|
-
# PATCH /mnoe/jpi/v1/admin/organizations/1
|
54
|
-
def update
|
55
|
-
# get organization
|
56
|
-
@organization = MnoEnterprise::Organization.find(params[:id])
|
57
|
-
|
58
|
-
update_app_list
|
59
|
-
|
60
|
-
@organization_active_apps = @organization.app_instances.active
|
61
|
-
|
62
|
-
render 'show'
|
63
|
-
end
|
64
|
-
|
65
|
-
# POST /mnoe/jpi/v1/admin/organizations/1/users
|
66
|
-
# Invite a user to the organization (and create it if needed)
|
67
|
-
# This does not send any emails (emails are manually triggered later)
|
68
|
-
def invite_member
|
69
|
-
@organization = MnoEnterprise::Organization.find(params[:id])
|
70
|
-
|
71
|
-
# Find or create a new user - We create it in the frontend as MnoHub will send confirmation instructions for newly
|
72
|
-
# created users
|
73
|
-
user = MnoEnterprise::User.find_by(email: user_params[:email]) || create_unconfirmed_user(user_params)
|
74
|
-
|
75
|
-
# Create the invitation
|
76
|
-
invite = @organization.org_invites.create(
|
77
|
-
user_email: user.email,
|
78
|
-
user_role: params[:user][:role],
|
79
|
-
referrer_id: current_user.id,
|
80
|
-
status: 'staged' # Will be updated to 'accepted' for unconfirmed users
|
81
|
-
)
|
82
|
-
|
83
|
-
@user = if user.confirmed?
|
84
|
-
invite.accept!(user)
|
85
|
-
invite.reload
|
86
|
-
else
|
87
|
-
user.reload
|
88
|
-
end
|
89
|
-
end
|
90
|
-
|
91
|
-
protected
|
92
|
-
|
93
|
-
def organization_permitted_update_params
|
94
|
-
[:name]
|
95
|
-
end
|
96
|
-
|
97
|
-
def organization_update_params
|
98
|
-
params.fetch(:organization, {}).permit(*organization_permitted_update_params)
|
99
|
-
end
|
100
|
-
|
101
|
-
def user_params
|
102
|
-
params.require(:user).permit(:email, :name, :surname, :phone)
|
103
|
-
end
|
104
|
-
|
105
|
-
# Create an unconfirmed user and skip the confirmation notification
|
106
|
-
# TODO: monkey patch User#confirmation_required? to simplify this? Use refinements?
|
107
|
-
def create_unconfirmed_user(user_params)
|
108
|
-
user = MnoEnterprise::User.new(user_params)
|
109
|
-
user.skip_confirmation_notification!
|
110
|
-
user.save
|
111
|
-
|
112
|
-
# Reset the confirmation field so we can track when the invite is send - #confirmation_sent_at is when the confirmation_token was generated (not sent)
|
113
|
-
# Not ideal as we do 2 saves, and the previous save trigger a call to the backend to validate the token uniqueness
|
114
|
-
user.assign_attributes(confirmation_sent_at: nil, confirmation_token: nil)
|
115
|
-
user.save
|
116
|
-
user
|
117
|
-
end
|
118
|
-
|
119
|
-
# Update App List to match the list passed in params
|
120
|
-
def update_app_list
|
121
|
-
# Differentiate between a null app_nids params and no app_nids params
|
122
|
-
if params[:organization].key?(:app_nids) && (desired_nids = Array(params[:organization][:app_nids]))
|
123
|
-
|
124
|
-
existing_apps = @organization.app_instances.active
|
125
|
-
|
126
|
-
existing_apps.each do |app_instance|
|
127
|
-
desired_nids.delete(app_instance.app.nid) || app_instance.terminate
|
128
|
-
end
|
129
|
-
|
130
|
-
desired_nids.each do |nid|
|
131
|
-
begin
|
132
|
-
@organization.app_instances.create(product: nid)
|
133
|
-
rescue => e
|
134
|
-
Rails.logger.error { "#{e.message} #{e.backtrace.join("\n")}" }
|
135
|
-
end
|
136
|
-
|
137
|
-
end
|
138
|
-
|
139
|
-
# Force reload
|
140
|
-
existing_apps.reload
|
141
|
-
end
|
142
|
-
end
|
3
|
+
include MnoEnterprise::Concerns::Controllers::Jpi::V1::Admin::OrganizationsController
|
143
4
|
end
|
144
5
|
end
|
@@ -0,0 +1,64 @@
|
|
1
|
+
module MnoEnterprise
|
2
|
+
class Jpi::V1::Admin::SubTenantsController < Jpi::V1::Admin::BaseResourceController
|
3
|
+
|
4
|
+
before_filter :check_sub_tenant_authorization, only: [:create, :update, :delete]
|
5
|
+
|
6
|
+
# GET /mnoe/jpi/v1/admin/sub_tenants
|
7
|
+
def index
|
8
|
+
# Index mode
|
9
|
+
@sub_tenants = MnoEnterprise::SubTenant
|
10
|
+
@sub_tenants = @sub_tenants.limit(params[:limit]) if params[:limit]
|
11
|
+
@sub_tenants = @sub_tenants.skip(params[:offset]) if params[:offset]
|
12
|
+
@sub_tenants = @sub_tenants.order_by(params[:order_by]) if params[:order_by]
|
13
|
+
@sub_tenants = @sub_tenants.where(params[:where]) if params[:where]
|
14
|
+
@sub_tenants = @sub_tenants.all
|
15
|
+
response.headers['X-Total-Count'] = @sub_tenants.metadata[:pagination][:count]
|
16
|
+
end
|
17
|
+
|
18
|
+
# GET /mnoe/jpi/v1/admin/sub_tenants/1
|
19
|
+
def show
|
20
|
+
@sub_tenant = MnoEnterprise::SubTenant.find(params[:id])
|
21
|
+
@sub_tenant_clients = @sub_tenant.clients
|
22
|
+
@sub_tenant_account_managers = @sub_tenant.account_managers
|
23
|
+
end
|
24
|
+
|
25
|
+
# POST /mnoe/jpi/v1/admin/sub_tenants
|
26
|
+
def create
|
27
|
+
@sub_tenant = MnoEnterprise::SubTenant.build(sub_tenant_params)
|
28
|
+
if @sub_tenant.save
|
29
|
+
render :show
|
30
|
+
else
|
31
|
+
render json: @sub_tenant.errors, status: :bad_request
|
32
|
+
end
|
33
|
+
end
|
34
|
+
|
35
|
+
# PATCH /mnoe/jpi/v1/admin/sub_tenant/:id
|
36
|
+
def update
|
37
|
+
@sub_tenant = MnoEnterprise::SubTenant.find(params[:id])
|
38
|
+
|
39
|
+
if @sub_tenant.update(sub_tenant_params)
|
40
|
+
@sub_tenant_clients = @sub_tenant.clients
|
41
|
+
@sub_tenant_account_managers = @sub_tenant.account_managers
|
42
|
+
render :show
|
43
|
+
else
|
44
|
+
render json: @sub_tenant.errors, status: :bad_request
|
45
|
+
end
|
46
|
+
end
|
47
|
+
|
48
|
+
# DELETE /mnoe/jpi/v1/admin/sub_tenant/1
|
49
|
+
def destroy
|
50
|
+
@sub_tenant = MnoEnterprise::SubTenant.find(params[:id])
|
51
|
+
@sub_tenant.destroy
|
52
|
+
head :no_content
|
53
|
+
end
|
54
|
+
|
55
|
+
def check_sub_tenant_authorization
|
56
|
+
authorize! :manage_sub_tenant, MnoEnterprise::SubTenant
|
57
|
+
end
|
58
|
+
|
59
|
+
private
|
60
|
+
def sub_tenant_params
|
61
|
+
params.require(:sub_tenant).permit(:name, client_ids: [], account_manager_ids: [])
|
62
|
+
end
|
63
|
+
end
|
64
|
+
end
|
@@ -10,12 +10,17 @@ module MnoEnterprise
|
|
10
10
|
response.headers['X-Total-Count'] = @users.count
|
11
11
|
else
|
12
12
|
# Index mode
|
13
|
-
|
14
|
-
|
15
|
-
|
16
|
-
|
17
|
-
|
18
|
-
|
13
|
+
query = MnoEnterprise::User
|
14
|
+
query = query.limit(params[:limit]) if params[:limit]
|
15
|
+
query = query.skip(params[:offset]) if params[:offset]
|
16
|
+
query = query.order_by(params[:order_by]) if params[:order_by]
|
17
|
+
query = query.where(params[:where]) if params[:where]
|
18
|
+
all = query.all
|
19
|
+
all.params[:sub_tenant_id] = params[:sub_tenant_id]
|
20
|
+
all.params[:account_manager_id] = params[:account_manager_id]
|
21
|
+
|
22
|
+
@users = all.fetch
|
23
|
+
|
19
24
|
response.headers['X-Total-Count'] = @users.metadata[:pagination][:count]
|
20
25
|
end
|
21
26
|
end
|
@@ -24,12 +29,12 @@ module MnoEnterprise
|
|
24
29
|
def show
|
25
30
|
@user = MnoEnterprise::User.find(params[:id])
|
26
31
|
@user_organizations = @user.organizations
|
32
|
+
@user_clients = @user.clients
|
27
33
|
end
|
28
34
|
|
29
35
|
# POST /mnoe/jpi/v1/admin/users
|
30
36
|
def create
|
31
37
|
@user = MnoEnterprise::User.build(user_create_params)
|
32
|
-
|
33
38
|
if @user.save
|
34
39
|
render :show
|
35
40
|
else
|
@@ -40,10 +45,11 @@ module MnoEnterprise
|
|
40
45
|
# PATCH /mnoe/jpi/v1/admin/users/:id
|
41
46
|
def update
|
42
47
|
# TODO: replace with authorize/ability
|
43
|
-
if current_user.admin_role
|
48
|
+
if current_user.admin_role.in? %w(admin sub_tenant_admin)
|
44
49
|
@user = MnoEnterprise::User.find(params[:id])
|
45
|
-
@user.update(user_params)
|
46
50
|
|
51
|
+
@user.update(user_update_params)
|
52
|
+
@user_clients = @user.clients
|
47
53
|
render :show
|
48
54
|
else
|
49
55
|
render :index, status: :unauthorized
|
@@ -74,21 +80,25 @@ module MnoEnterprise
|
|
74
80
|
|
75
81
|
private
|
76
82
|
|
77
|
-
def
|
78
|
-
|
79
|
-
end
|
80
|
-
|
81
|
-
def user_create_params
|
82
|
-
attrs = [:name, :surname, :email, :phone]
|
83
|
-
|
83
|
+
def user_update_params
|
84
|
+
attrs = [:name, :surname, :email, :phone, client_ids: []]
|
84
85
|
# TODO: replace with authorize/ability
|
85
|
-
if current_user.admin_role ==
|
86
|
+
if current_user.admin_role == 'admin'
|
86
87
|
attrs << :admin_role
|
88
|
+
attrs << :mnoe_sub_tenant_id
|
89
|
+
end
|
90
|
+
user_param = params.require(:user)
|
91
|
+
updated_params = user_param.permit(attrs)
|
92
|
+
updated_params[:client_ids] ||= [] if user_param.has_key?(:client_ids)
|
93
|
+
# if the user is updated to admin or division admin, his clients are cleared
|
94
|
+
if updated_params[:admin_role] && updated_params[:admin_role] != 'staff'
|
95
|
+
updated_params[:client_ids] = []
|
87
96
|
end
|
97
|
+
updated_params
|
98
|
+
end
|
88
99
|
|
89
|
-
|
90
|
-
|
91
|
-
)
|
100
|
+
def user_create_params
|
101
|
+
user_update_params.merge(password: Devise.friendly_token.first(12))
|
92
102
|
end
|
93
103
|
end
|
94
104
|
end
|