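# Tenant sign-up (new, create), tenant read/update (show, update) and the
# subdomain availability check (is_available).
class TenantsController < ApplicationController
  include ApplicationHelper

  # authenticate_admin runs for show and update only; new, create and
  # is_available are not covered by this filter.
  before_action :authenticate_admin, only: [:show, :update]

  # Prepares the sign-up page: sets the page title and loads the OAuth
  # records whose tenant_id is nil.
  def new
    @page_title = t('signup.page_title')
    @o_auths = OAuth.unscoped.where(tenant_id: nil)
  end

  # Renders the current tenant as JSON.
  def show
    render json: Current.tenant_or_raise!
  end

  # Creates a tenant together with its first user (role "owner").
  #
  # Both records are written inside a single transaction. When the request is
  # flagged as an OAuth sign-up, the submitted email must equal the one stored
  # in session[:o_auth_sign_up]; the tenant is then created as "active" and
  # the user skips email confirmation.
  #
  # Renders the tenant with 201 on success, or the validation error with 422.
  def create
    @tenant = Tenant.new
    @tenant.assign_attributes(tenant_create_params)
    authorize @tenant

    # dig tolerates a request without a :settings key; such a request is then
    # handled as a regular (non-OAuth) sign-up instead of failing on nil.
    is_o_auth_login = params.dig(:settings, :is_o_auth_login)

    ActiveRecord::Base.transaction do
      if is_o_auth_login
        # is_o_auth_login comes from the client, so the check relies on the
        # session value (session[:o_auth_sign_up] set in oauth#callback).
        # Only the email is compared; the username part is not used here.
        # A missing session value raises on #split, before anything is saved.
        # NOTE(review): the session value is not cleared in this action;
        # confirm it is invalidated elsewhere so it cannot back a second sign-up.
        email, _username = session[:o_auth_sign_up].split(",", 2)
        raise "Mismatching email in OAuth login" unless email == params[:user][:email]

        @tenant.status = "active" # no need to verify email address if logged in with oauth
      end

      @tenant.save!
      Current.tenant = @tenant

      @user = User.new(
        full_name: params[:user][:full_name] || I18n.t('defaults.user_full_name'),
        email: params[:user][:email],
        # OAuth users never type a password, so a random one is generated.
        password: is_o_auth_login ? Devise.friendly_token : params[:user][:password],
        role: "owner"
      )

      @user.skip_confirmation if is_o_auth_login

      @user.save!

      render json: @tenant, status: :created
    rescue ActiveRecord::RecordInvalid => exception
      render json: { error: exception }, status: :unprocessable_entity

      # This rescue belongs to the transaction block. Leaving it normally
      # would commit what was already saved (the tenant, when the user turns
      # out to be invalid). ActiveRecord::Rollback undoes the writes and is
      # swallowed by the transaction, so the 422 response above still stands.
      raise ActiveRecord::Rollback
    end
  end

  # Updates the current tenant with the permitted attributes. Renders the
  # tenant on success, or its validation messages with 422.
  def update
    @tenant = Current.tenant_or_raise!
    authorize @tenant

    if @tenant.update(tenant_update_params)
      render json: @tenant
    else
      render json: {
        error: @tenant.errors.full_messages
      }, status: :unprocessable_entity
    end
  end

  # Checks whether params[:new_subdomain] can be used for a new tenant.
  #
  # Renders { is_available: 'true' } when the value is present, is not listed
  # in RESERVED_SUBDOMAINS and no tenant already has it. In every other case
  # the action returns without rendering anything itself.
  # NOTE(review): authenticate_admin does not cover this action, so any caller
  # can learn which subdomains are taken; confirm requests are rate limited.
  def is_available
    subdomain = params[:new_subdomain]

    return unless subdomain.present?
    return if RESERVED_SUBDOMAINS.include?(subdomain)
    return if Tenant.exists?(subdomain: subdomain)

    render json: { is_available: 'true' }
  end

  private

  # Attributes under :tenant that the tenant policy permits on create.
  def tenant_create_params
    params
      .require(:tenant)
      .permit(policy(@tenant).permitted_attributes_for_create)
  end

  # Attributes under :tenant that the tenant policy permits on update, plus
  # the nested tenant_setting attributes permitted by the tenant_setting policy.
  def tenant_update_params
    params
      .require(:tenant)
      .permit(
        # Array#+ builds a new list, so the array returned by the policy is
        # left untouched (concat would append to that array in place).
        policy(@tenant).permitted_attributes_for_update + [{
          tenant_setting_attributes: policy(@tenant.tenant_setting).permitted_attributes_for_update
        }] # in order to permit nested attributes for tenant_setting
      )
  end
end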