Class | TreesController |
In: |
app/controllers/trees_controller.rb
|
Parent: | ApplicationController |
File: | trees_controller.rb |
(C): | Hipposoft 2008, 2009 |
Purpose: | Collate data for and send data to the YUI tree plugin. |
03-Nov-2009 (ADH): Created.
Respond to XHR requests from the YUI tree handling task selection. See comments inside for details of the required parameters.
# File app/controllers/trees_controller.rb, line 19 19: def index 20: if ( request.xhr? && params.has_key?( :tree_parent_id ) ) 21: respond_to do | format | 22: format.js do 23: 24: # Discover the restrictions which apply, if any. Understood keys are: 25: # 26: # "inactive" Returns only inactive projects and tasks. Without 27: # this key, returns only active projects and tasks. 28: # 29: # "restrict" Next array entry must be a user ID. Restricts tasks 30: # to those in the user's task list and projects to 31: # those where at least one of the project tasks are 32: # in the user's task list. 33: # 34: # "include" Next array entry must be one or more underscore- 35: # separated IDs. Only tasks in that list will be 36: # included in the tree. Projects or customers which 37: # end up with no included tasks will not be shown. 38: # 39: # Note that only tasks permitted by the current user will ever be 40: # returned. All the above can do is produce subsets. Attempts to 41: # bypass user restrictions by generating custom XHR requests will 42: # therefore always fail. 43: 44: restrictions = ( params[ :data ] || '' ).split( ',' ) 45: index = 0 46: 47: restrict_user = nil 48: include_only = nil 49: active = :active 50: 51: until ( restriction = restrictions[ index ] ).nil? 52: case restriction 53: 54: when 'inactive' 55: active = :inactive 56: 57: when 'restrict' 58: restrict_user = User.find( restrictions[ index + 1 ] ) 59: index += 1 60: 61: when 'include' 62: include_only = restrictions[ index + 1 ].split( '_' ).map { | str | str.to_i } 63: index += 1 64: 65: end 66: index += 1 67: end 68: 69: # Unless the current user is privileged, then always act as if the 70: # task list is restricted by them. If the restricted user quoted in 71: # the parameters is different then someone is probably trying to hack 72: # around with the XHR call! Just override their request. 73: 74: restrict_user = @current_user if ( @current_user.restricted? ) 75: 76: # Find the ID of the parent item selected in the tree. This must have 77: # a textual prefix of 'C' or 'P' for Customers or Projects. Tasks 78: # should never end up causing a call into this code because they are 79: # always leaf nodes. 80: 81: id = params[ :tree_parent_id ] 82: children = [] 83: 84: case id[ 0..0 ] 85: when 'C' 86: prefix = 'P' 87: isLeaf = false 88: children = Project.send( active ).find_all_by_customer_id( id[ 1..-1 ] ) 89: 90: # Reject projects if there are no active/inactive tasks; or if we 91: # are restricting by a user's permitted task list and the union 92: # of the project and user's task list is empty; or if we are 93: # restricting by a list of IDs and the union of that list of IDs 94: # and the project's task IDs is empty. 95: 96: children.reject! do | project | 97: project.tasks.send( active).count.zero? || ( 98: ( ! restrict_user.nil? ) && ( project.tasks & restrict_user.tasks ).empty? 99: ) || ( 100: ( ! include_only.nil? ) && ( project.task_ids & include_only ).empty? 101: ) 102: end 103: 104: when 'P' 105: prefix = '' 106: isLeaf = true 107: children = Task.send( active ).find_all_by_project_id( id[ 1..-1 ] ) 108: children = children & restrict_user.tasks unless ( restrict_user.nil? ) 109: 110: unless ( include_only.nil? ) 111: children.reject! do | task | 112: not include_only.include?( task.id ) 113: end 114: end 115: 116: else 117: parent = nil 118: end 119: 120: if ( children.empty? ) 121: render :json => [] 122: else 123: children.map!() do | child | 124: YuiTree::make_node_object( 125: "#{ prefix }#{ child.id }", 126: child.title, 127: isLeaf, 128: ( child.is_a?( Task ) ) ? @@tasks_helper.taskhelp_billable_class( child ) : nil 129: ) 130: end 131: 132: render :json => children 133: end 134: end # format.js do 135: end # respond_to do | format | 136: end # if ( request.xhr? ... ) 137: end