123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325 |
- # Copyright (C) 2012-2016 Zammad Foundation, http://zammad-foundation.org/
- class OrganizationsController < ApplicationController
- prepend_before_action :authentication_check
- =begin
- Format:
- JSON
- Example:
- {
- "id":1,
- "name":"Znuny GmbH",
- "note":"",
- "active":true,
- "shared":true,
- "updated_at":"2012-09-14T17:51:53Z",
- "created_at":"2012-09-14T17:51:53Z",
- "created_by_id":2,
- }
- =end
- =begin
- Resource:
- GET /api/v1/organizations
- Response:
- [
- {
- "id": 1,
- "name": "some_name1",
- ...
- },
- {
- "id": 2,
- "name": "some_name2",
- ...
- }
- ]
- Test:
- curl http://localhost/api/v1/organizations -v -u #{login}:#{password}
- =end
- def index
- offset = 0
- per_page = 500
- if params[:page] && params[:per_page]
- offset = (params[:page].to_i - 1) * params[:per_page].to_i
- per_page = params[:per_page].to_i
- end
- if per_page > 500
- per_page = 500
- end
- # only allow customer to fetch his own organization
- organizations = []
- if !current_user.permissions?(['admin.organization', 'ticket.agent'])
- if current_user.organization_id
- organizations = Organization.where(id: current_user.organization_id).order(id: 'ASC').offset(offset).limit(per_page)
- end
- else
- organizations = Organization.all.order(id: 'ASC').offset(offset).limit(per_page)
- end
- if params[:expand]
- list = []
- organizations.each do |organization|
- list.push organization.attributes_with_association_names
- end
- render json: list, status: :ok
- return
- end
- if params[:full]
- assets = {}
- item_ids = []
- organizations.each do |item|
- item_ids.push item.id
- assets = item.assets(assets)
- end
- render json: {
- record_ids: item_ids,
- assets: assets,
- }, status: :ok
- return
- end
- list = []
- organizations.each do |organization|
- list.push organization.attributes_with_association_ids
- end
- render json: list
- end
- =begin
- Resource:
- GET /api/v1/organizations/#{id}
- Response:
- {
- "id": 1,
- "name": "name_1",
- ...
- }
- Test:
- curl http://localhost/api/v1/organizations/#{id} -v -u #{login}:#{password}
- =end
- def show
- # only allow customer to fetch his own organization
- if !current_user.permissions?(['admin.organization', 'ticket.agent'])
- if !current_user.organization_id
- render json: {}
- return
- end
- raise Exceptions::NotAuthorized if params[:id].to_i != current_user.organization_id
- end
- if params[:expand]
- organization = Organization.find(params[:id]).attributes_with_association_names
- render json: organization, status: :ok
- return
- end
- if params[:full]
- full = Organization.full(params[:id])
- render json: full
- return
- end
- model_show_render(Organization, params)
- end
- =begin
- Resource:
- POST /api/v1/organizations
- Payload:
- {
- "name": "some_name",
- "active": true,
- "note": "some note",
- "shared": true
- }
- Response:
- {
- "id": 1,
- "name": "some_name",
- ...
- }
- Test:
- curl http://localhost/api/v1/organizations -v -u #{login}:#{password} -H "Content-Type: application/json" -X POST -d '{"name": "some_name","active": true,"shared": true,"note": "some note"}'
- =end
- def create
- permission_check(['admin.organization', 'ticket.agent'])
- model_create_render(Organization, params)
- end
- =begin
- Resource:
- PUT /api/v1/organizations/{id}
- Payload:
- {
- "id": 1
- "name": "some_name",
- "active": true,
- "note": "some note",
- "shared": true
- }
- Response:
- {
- "id": 1,
- "name": "some_name",
- ...
- }
- Test:
- curl http://localhost/api/v1/organizations -v -u #{login}:#{password} -H "Content-Type: application/json" -X PUT -d '{"id": 1,"name": "some_name","active": true,"shared": true,"note": "some note"}'
- =end
- def update
- permission_check(['admin.organization', 'ticket.agent'])
- model_update_render(Organization, params)
- end
- =begin
- Resource:
- DELETE /api/v1/organization/{id}
- Response:
- {}
- Test:
- curl http://localhost/api/v1/organization/{id} -v -u #{login}:#{password} -H "Content-Type: application/json" -X DELETE -d '{}'
- =end
- def destroy
- permission_check(['admin.organization', 'ticket.agent'])
- model_references_check(Organization, params)
- model_destroy_render(Organization, params)
- end
- # GET /api/v1/organizations/search
- def search
- if !current_user.permissions?(['admin.organization', 'ticket.agent'])
- raise Exceptions::NotAuthorized
- end
- # set limit for pagination if needed
- if params[:page] && params[:per_page]
- params[:limit] = params[:page].to_i * params[:per_page].to_i
- end
- if params[:limit] && params[:limit].to_i > 500
- params[:limit] = 500
- end
- query = params[:query]
- if query.respond_to?(:permit!)
- query = query.permit!.to_h
- end
- query_params = {
- query: query,
- limit: params[:limit],
- current_user: current_user,
- }
- if params[:role_ids].present?
- query_params[:role_ids] = params[:role_ids]
- end
- # do query
- organization_all = Organization.search(query_params)
- # do pagination if needed
- if params[:page] && params[:per_page]
- offset = (params[:page].to_i - 1) * params[:per_page].to_i
- organization_all = organization_all[offset, params[:per_page].to_i] || []
- end
- if params[:expand]
- list = []
- organization_all.each do |organization|
- list.push organization.attributes_with_association_names
- end
- render json: list, status: :ok
- return
- end
- # build result list
- if params[:label]
- organizations = []
- organization_all.each do |organization|
- a = { id: organization.id, label: organization.name, value: organization.name }
- organizations.push a
- end
- # return result
- render json: organizations
- return
- end
- if params[:full]
- organization_ids = []
- assets = {}
- organization_all.each do |organization|
- assets = organization.assets(assets)
- organization_ids.push organization.id
- end
- # return result
- render json: {
- assets: assets,
- organization_ids: organization_ids.uniq,
- }
- return
- end
- list = []
- organization_all.each do |organization|
- list.push organization.attributes_with_association_ids
- end
- render json: list, status: :ok
- end
- # GET /api/v1/organizations/history/1
- def history
- # permission check
- if !current_user.permissions?(['admin.organization', 'ticket.agent'])
- raise Exceptions::NotAuthorized
- end
- # get organization data
- organization = Organization.find(params[:id])
- # get history of organization
- history = organization.history_get(true)
- # return result
- render json: history
- end
- end
|