about summary refs log tree commit diff
path: root/app/controllers/api/v1/admin/reports_controller.rb
blob: fbfd0ee128c1bdba8fbff1f7cea29e86c7db78e6 (plain) (blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
# frozen_string_literal: true

class Api::V1::Admin::ReportsController < Api::BaseController
  protect_from_forgery with: :exception

  include Authorization
  include AccountableConcern

  LIMIT = 100

  before_action -> { authorize_if_got_token! :'admin:read', :'admin:read:reports' }, only: [:index, :show]
  before_action -> { authorize_if_got_token! :'admin:write', :'admin:write:reports' }, except: [:index, :show]
  before_action :require_staff!
  before_action :set_reports, only: :index
  before_action :set_report, except: :index

  after_action :insert_pagination_headers, only: :index

  FILTER_PARAMS = %i(
    resolved
    account_id
    target_account_id
  ).freeze

  PAGINATION_PARAMS = (%i(limit) + FILTER_PARAMS).freeze

  def index
    authorize :report, :index?
    render json: @reports, each_serializer: REST::Admin::ReportSerializer
  end

  def show
    authorize @report, :show?
    render json: @report, serializer: REST::Admin::ReportSerializer
  end

  def update
    authorize @report, :update?
    @report.update!(report_params)
    render json: @report, serializer: REST::Admin::ReportSerializer
  end

  def assign_to_self
    authorize @report, :update?
    @report.update!(assigned_account_id: current_account.id)
    log_action :assigned_to_self, @report
    render json: @report, serializer: REST::Admin::ReportSerializer
  end

  def unassign
    authorize @report, :update?
    @report.update!(assigned_account_id: nil)
    log_action :unassigned, @report
    render json: @report, serializer: REST::Admin::ReportSerializer
  end

  def reopen
    authorize @report, :update?
    @report.unresolve!
    log_action :reopen, @report
    render json: @report, serializer: REST::Admin::ReportSerializer
  end

  def resolve
    authorize @report, :update?
    @report.resolve!(current_account)
    log_action :resolve, @report
    render json: @report, serializer: REST::Admin::ReportSerializer
  end

  private

  def set_reports
    @reports = filtered_reports.order(id: :desc).with_accounts.to_a_paginated_by_id(limit_param(LIMIT), params_slice(:max_id, :since_id, :min_id))
  end

  def set_report
    @report = Report.find(params[:id])
  end

  def filtered_reports
    ReportFilter.new(filter_params).results
  end

  def report_params
    params.permit(:category, rule_ids: [])
  end

  def filter_params
    params.permit(*FILTER_PARAMS)
  end

  def insert_pagination_headers
    set_pagination_headers(next_path, prev_path)
  end

  def next_path
    api_v1_admin_reports_url(pagination_params(max_id: pagination_max_id)) if records_continue?
  end

  def prev_path
    api_v1_admin_reports_url(pagination_params(min_id: pagination_since_id)) unless @reports.empty?
  end

  def pagination_max_id
    @reports.last.id
  end

  def pagination_since_id
    @reports.first.id
  end

  def records_continue?
    @reports.size == limit_param(LIMIT)
  end

  def pagination_params(core_params)
    params.slice(*PAGINATION_PARAMS).permit(*PAGINATION_PARAMS).merge(core_params)
  end
end