organizations_controller.rb 6.5 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300
  1. # Copyright (C) 2012-2023 Zammad Foundation, https://zammad-foundation.org/
  2. class OrganizationsController < ApplicationController
  3. prepend_before_action -> { authorize! }, except: %i[index show]
  4. prepend_before_action { authentication_check }
  5. include CanPaginate
  6. =begin
  7. Format:
  8. JSON
  9. Example:
  10. {
  11. "id":1,
  12. "name":"Zammad GmbH",
  13. "note":"",
  14. "active":true,
  15. "shared":true,
  16. "updated_at":"2012-09-14T17:51:53Z",
  17. "created_at":"2012-09-14T17:51:53Z",
  18. "created_by_id":2,
  19. }
  20. =end
  21. =begin
  22. Resource:
  23. GET /api/v1/organizations
  24. Response:
  25. [
  26. {
  27. "id": 1,
  28. "name": "some_name1",
  29. ...
  30. },
  31. {
  32. "id": 2,
  33. "name": "some_name2",
  34. ...
  35. }
  36. ]
  37. Test:
  38. curl http://localhost/api/v1/organizations -v -u #{login}:#{password}
  39. =end
  40. def index
  41. model_index_render(policy_scope(Organization), params)
  42. end
  43. =begin
  44. Resource:
  45. GET /api/v1/organizations/#{id}
  46. Response:
  47. {
  48. "id": 1,
  49. "name": "name_1",
  50. ...
  51. }
  52. Test:
  53. curl http://localhost/api/v1/organizations/#{id} -v -u #{login}:#{password}
  54. =end
  55. def show
  56. begin
  57. authorize!
  58. rescue Pundit::NotAuthorizedError
  59. # we have a special case here where Users that have no
  60. # organization can request any organization_id but get
  61. # an empty response. However, users with an organization_id
  62. # get that error
  63. raise if current_user.organization_id
  64. render json: {}
  65. return
  66. end
  67. if response_expand?
  68. organization = Organization.find(params[:id]).attributes_with_association_names
  69. render json: organization, status: :ok
  70. return
  71. end
  72. if response_full?
  73. full = Organization.full(params[:id])
  74. render json: full, status: :ok
  75. return
  76. end
  77. model_show_render(Organization, params)
  78. end
  79. =begin
  80. Resource:
  81. POST /api/v1/organizations
  82. Payload:
  83. {
  84. "name": "some_name",
  85. "active": true,
  86. "note": "some note",
  87. "shared": true
  88. }
  89. Response:
  90. {
  91. "id": 1,
  92. "name": "some_name",
  93. ...
  94. }
  95. Test:
  96. curl http://localhost/api/v1/organizations -v -u #{login}:#{password} -H "Content-Type: application/json" -X POST -d '{"name": "some_name","active": true,"shared": true,"note": "some note"}'
  97. =end
  98. def create
  99. model_create_render(Organization, params)
  100. end
  101. =begin
  102. Resource:
  103. PUT /api/v1/organizations/{id}
  104. Payload:
  105. {
  106. "id": 1
  107. "name": "some_name",
  108. "active": true,
  109. "note": "some note",
  110. "shared": true
  111. }
  112. Response:
  113. {
  114. "id": 1,
  115. "name": "some_name",
  116. ...
  117. }
  118. Test:
  119. curl http://localhost/api/v1/organizations -v -u #{login}:#{password} -H "Content-Type: application/json" -X PUT -d '{"id": 1,"name": "some_name","active": true,"shared": true,"note": "some note"}'
  120. =end
  121. def update
  122. model_update_render(Organization, params)
  123. end
  124. =begin
  125. Resource:
  126. DELETE /api/v1/organization/{id}
  127. Response:
  128. {}
  129. Test:
  130. curl http://localhost/api/v1/organization/{id} -v -u #{login}:#{password} -H "Content-Type: application/json" -X DELETE -d '{}'
  131. =end
  132. def destroy
  133. model_references_check(Organization, params)
  134. model_destroy_render(Organization, params)
  135. end
  136. # GET /api/v1/organizations/search
  137. def search
  138. query = params[:query]
  139. if query.respond_to?(:permit!)
  140. query = query.permit!.to_h
  141. end
  142. query_params = {
  143. query: query,
  144. limit: pagination.limit,
  145. offset: pagination.offset,
  146. sort_by: params[:sort_by],
  147. order_by: params[:order_by],
  148. current_user: current_user,
  149. }
  150. %i[ids role_ids].each do |key|
  151. next if params[key].blank?
  152. query_params[key] = params[key]
  153. end
  154. # do query
  155. organization_all = Organization.search(query_params)
  156. if response_expand?
  157. list = []
  158. organization_all.each do |organization|
  159. list.push organization.attributes_with_association_names
  160. end
  161. render json: list, status: :ok
  162. return
  163. end
  164. # build result list
  165. if params[:label]
  166. organizations = []
  167. organization_all.each do |organization|
  168. a = { id: organization.id, label: organization.name, value: organization.name }
  169. organizations.push a
  170. end
  171. # return result
  172. render json: organizations
  173. return
  174. end
  175. if response_full?
  176. organization_ids = []
  177. assets = {}
  178. organization_all.each do |organization|
  179. assets = organization.assets(assets)
  180. organization_ids.push organization.id
  181. end
  182. # return result
  183. render json: {
  184. assets: assets,
  185. organization_ids: organization_ids.uniq,
  186. }
  187. return
  188. end
  189. list = []
  190. organization_all.each do |organization|
  191. list.push organization.attributes_with_association_ids
  192. end
  193. render json: list, status: :ok
  194. end
  195. # GET /api/v1/organizations/history/1
  196. def history
  197. # get organization data
  198. organization = Organization.find(params[:id])
  199. # get history of organization
  200. render json: organization.history_get(true)
  201. end
  202. # @path [GET] /organizations/import_example
  203. #
  204. # @summary Download of example CSV file.
  205. # @notes The requester have 'admin.organization' permissions to be able to download it.
  206. # @example curl -u 'me@example.com:test' http://localhost:3000/api/v1/organizations/import_example
  207. #
  208. # @response_message 200 File download.
  209. # @response_message 403 Forbidden / Invalid session.
  210. def import_example
  211. send_data(
  212. Organization.csv_example,
  213. filename: 'organization-example.csv',
  214. type: 'text/csv',
  215. disposition: 'attachment'
  216. )
  217. end
  218. # @path [POST] /organizations/import
  219. #
  220. # @summary Starts import.
  221. # @notes The requester have 'admin.text_module' permissions to be create a new import.
  222. # @example curl -u 'me@example.com:test' -F 'file=@/path/to/file/organizations.csv' 'https://your.zammad/api/v1/organizations/import?try=true'
  223. # @example curl -u 'me@example.com:test' -F 'file=@/path/to/file/organizations.csv' 'https://your.zammad/api/v1/organizations/import'
  224. #
  225. # @response_message 201 Import started.
  226. # @response_message 403 Forbidden / Invalid session.
  227. def import_start
  228. string = params[:data]
  229. if string.blank? && params[:file].present?
  230. string = params[:file].read.force_encoding('utf-8')
  231. end
  232. raise Exceptions::UnprocessableEntity, __('No source data submitted!') if string.blank?
  233. result = Organization.csv_import(
  234. string: string,
  235. parse_params: {
  236. col_sep: params[:col_sep] || ',',
  237. },
  238. try: params[:try],
  239. delete: params[:delete],
  240. )
  241. render json: result, status: :ok
  242. end
  243. end