2014-03-17 07:44:54 -04:00
|
|
|
module API
|
|
|
|
# Projects members API
|
|
|
|
class ProjectMembers < Grape::API
|
|
|
|
before { authenticate! }
|
|
|
|
|
|
|
|
resource :projects do
|
|
|
|
helpers do
|
|
|
|
def handle_project_member_errors(errors)
|
2014-09-15 05:01:45 -04:00
|
|
|
if errors[:access_level].any?
|
|
|
|
error!(errors[:access_level], 422)
|
2014-03-17 07:44:54 -04:00
|
|
|
end
|
|
|
|
not_found!
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
# Get a project team members
|
|
|
|
#
|
|
|
|
# Parameters:
|
|
|
|
# id (required) - The ID of a project
|
|
|
|
# query - Query string
|
|
|
|
# Example Request:
|
|
|
|
# GET /projects/:id/members
|
|
|
|
get ":id/members" do
|
|
|
|
if params[:query].present?
|
|
|
|
@members = paginate user_project.users.where("username LIKE ?", "%#{params[:query]}%")
|
|
|
|
else
|
|
|
|
@members = paginate user_project.users
|
|
|
|
end
|
|
|
|
present @members, with: Entities::ProjectMember, project: user_project
|
|
|
|
end
|
|
|
|
|
|
|
|
# Get a project team members
|
|
|
|
#
|
|
|
|
# Parameters:
|
|
|
|
# id (required) - The ID of a project
|
|
|
|
# user_id (required) - The ID of a user
|
|
|
|
# Example Request:
|
|
|
|
# GET /projects/:id/members/:user_id
|
|
|
|
get ":id/members/:user_id" do
|
|
|
|
@member = user_project.users.find params[:user_id]
|
|
|
|
present @member, with: Entities::ProjectMember, project: user_project
|
|
|
|
end
|
|
|
|
|
|
|
|
# Add a new project team member
|
|
|
|
#
|
|
|
|
# Parameters:
|
|
|
|
# id (required) - The ID of a project
|
|
|
|
# user_id (required) - The ID of a user
|
|
|
|
# access_level (required) - Project access level
|
|
|
|
# Example Request:
|
|
|
|
# POST /projects/:id/members
|
|
|
|
post ":id/members" do
|
|
|
|
authorize! :admin_project, user_project
|
|
|
|
required_attributes! [:user_id, :access_level]
|
|
|
|
|
|
|
|
# either the user is already a team member or a new one
|
|
|
|
team_member = user_project.team_member_by_id(params[:user_id])
|
|
|
|
if team_member.nil?
|
2014-09-14 12:32:51 -04:00
|
|
|
team_member = user_project.project_members.new(
|
2014-03-17 07:44:54 -04:00
|
|
|
user_id: params[:user_id],
|
2014-09-15 04:36:50 -04:00
|
|
|
access_level: params[:access_level]
|
2014-03-17 07:44:54 -04:00
|
|
|
)
|
|
|
|
end
|
|
|
|
|
|
|
|
if team_member.save
|
|
|
|
@member = team_member.user
|
|
|
|
present @member, with: Entities::ProjectMember, project: user_project
|
|
|
|
else
|
|
|
|
handle_project_member_errors team_member.errors
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
# Update project team member
|
|
|
|
#
|
|
|
|
# Parameters:
|
|
|
|
# id (required) - The ID of a project
|
|
|
|
# user_id (required) - The ID of a team member
|
|
|
|
# access_level (required) - Project access level
|
|
|
|
# Example Request:
|
|
|
|
# PUT /projects/:id/members/:user_id
|
|
|
|
put ":id/members/:user_id" do
|
|
|
|
authorize! :admin_project, user_project
|
|
|
|
required_attributes! [:access_level]
|
|
|
|
|
2014-09-14 12:32:51 -04:00
|
|
|
team_member = user_project.project_members.find_by(user_id: params[:user_id])
|
2014-03-17 07:44:54 -04:00
|
|
|
not_found!("User can not be found") if team_member.nil?
|
|
|
|
|
2014-09-15 04:36:50 -04:00
|
|
|
if team_member.update_attributes(access_level: params[:access_level])
|
2014-03-17 07:44:54 -04:00
|
|
|
@member = team_member.user
|
|
|
|
present @member, with: Entities::ProjectMember, project: user_project
|
|
|
|
else
|
|
|
|
handle_project_member_errors team_member.errors
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
# Remove a team member from project
|
|
|
|
#
|
|
|
|
# Parameters:
|
|
|
|
# id (required) - The ID of a project
|
|
|
|
# user_id (required) - The ID of a team member
|
|
|
|
# Example Request:
|
|
|
|
# DELETE /projects/:id/members/:user_id
|
|
|
|
delete ":id/members/:user_id" do
|
|
|
|
authorize! :admin_project, user_project
|
2014-09-14 12:32:51 -04:00
|
|
|
team_member = user_project.project_members.find_by(user_id: params[:user_id])
|
2014-03-17 07:44:54 -04:00
|
|
|
unless team_member.nil?
|
|
|
|
team_member.destroy
|
|
|
|
else
|
|
|
|
{message: "Access revoked", id: params[:user_id].to_i}
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|