settings_controller.rb 2.5 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109
  1. # Copyright (C) 2012-2025 Zammad Foundation, https://zammad-foundation.org/
  2. class SettingsController < ApplicationController
  3. prepend_before_action :authenticate_and_authorize!
  4. # GET /settings
  5. def index
  6. list = []
  7. Setting.all.each do |setting|
  8. next if !authorized?(setting, :show?)
  9. list.push setting
  10. end
  11. render json: list, status: :ok
  12. end
  13. # GET /settings/1
  14. def show
  15. model_show_render(Setting, params)
  16. end
  17. # POST /settings
  18. def create
  19. raise Exceptions::Forbidden, __('Not authorized (feature not possible)')
  20. end
  21. # PUT /settings/1
  22. def update
  23. clean_params = keep_certain_attributes
  24. name = Setting.find(params[:id]).name
  25. Zammad::Restart.perform if %w[http_type fqdn].include?(name)
  26. model_update_render(Setting, clean_params)
  27. end
  28. # PUT /settings/image/:id
  29. def update_image
  30. logo_content = %i[logo logo_resize].each_with_object({}) do |key, memo|
  31. data = params[key]
  32. next if !data&.match? %r{^data:image}i
  33. file = ImageHelper.data_url_attributes(data)
  34. memo[key] = file[:content] if file
  35. end
  36. logo_timestamp = Service::SystemAssets::ProductLogo.store(logo_content[:logo], logo_content[:logo_resize])
  37. if !logo_timestamp
  38. render json: {
  39. result: 'invalid',
  40. message: __('The uploaded image could not be processed. Need data:image in logo or logo_resize param.'),
  41. }
  42. return
  43. end
  44. setting = Setting.lookup(name: 'product_logo')
  45. setting.state = logo_timestamp
  46. setting.save!
  47. render json: {
  48. result: 'ok',
  49. settings: [setting],
  50. }
  51. end
  52. # DELETE /settings/1
  53. def destroy
  54. raise Exceptions::Forbidden, __('Not authorized (feature not possible)')
  55. end
  56. # POST /settings/reset/1
  57. def reset
  58. setting = Setting.find(params[:id])
  59. Setting.reset(setting.name)
  60. setting.reload
  61. if response_expand?
  62. render json: setting.attributes_with_association_names, status: :ok
  63. return
  64. end
  65. if response_full?
  66. render json: setting.class.full(setting.id), status: :ok
  67. return
  68. end
  69. render json: setting.attributes_with_association_ids, status: :ok
  70. end
  71. private
  72. def keep_certain_attributes
  73. setting = Setting.find(params[:id])
  74. %i[name area state_initial frontend options].each do |key|
  75. params.delete(key)
  76. end
  77. if params[:preferences].present?
  78. %i[online_service_disable permission render].each do |key|
  79. params[:preferences].delete(key)
  80. end
  81. params[:preferences].merge!(setting.preferences)
  82. end
  83. params
  84. end
  85. end