| 1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586878889 |
- # Copyright (C) 2012-2024 Zammad Foundation, https://zammad-foundation.org/
- class TicketsSharedDraftStartsController < ApplicationController
- prepend_before_action :authenticate_and_authorize!
- def index
- drafts = scope
- render json: {
- shared_draft_ids: drafts.map(&:id),
- assets: ApplicationModel::CanAssets.reduce(drafts),
- }
- end
- def show
- object = scope.find params[:id]
- render json: {
- shared_draft_id: object.id,
- shared_draft_content: object.content,
- assets: object.assets,
- }
- end
- def create
- object = scope.create! safe_params
- object.attach_upload_cache params[:form_id]
- render json: {
- shared_draft_id: object.id,
- assets: object.assets,
- }
- end
- def update
- object = scope.find params[:id]
- object.update! safe_params
- object.attach_upload_cache params[:form_id]
- render json: {
- shared_draft_id: object.id,
- assets: object.assets,
- }
- end
- def destroy
- object = scope.find params[:id]
- object.destroy!
- render json: {
- shared_draft_id: object.id
- }
- end
- def import_attachments
- object = scope.find params[:id]
- new_attachments = object.clone_attachments 'UploadCache', params[:form_id]
- render json: {
- attachments: new_attachments
- }
- end
- private
- def scope
- Ticket::SharedDraftStartPolicy::Scope
- .new(current_user, Ticket::SharedDraftStart)
- .resolve
- end
- def safe_params
- safe_params = params.permit :name, :group_id, content: {}
- safe_params[:content].delete :group_id
- allowed_groups = current_user.groups_access('create').map { |x| x.id.to_s }
- group_id = safe_params[:group_id]&.to_s
- if allowed_groups.exclude? group_id
- raise Exceptions::UnprocessableEntity, __("User does not have access to one of given group IDs: #{group_id}")
- end
- safe_params
- end
- end
|
