fbcd6d8c-b31b-4741-a97d-288a1eedfe72

Committed 11 Dec 2025 07:57PM UTC coverage: 91.227% (+3.7%) from 87.531%

Build # fbcd6d8c-b31b-4741-a97d-288a1eedfe72

Build Type

push

circleci

Committed by

web-flow

Commit Message

Edit buttons for project request summary page (#2296)

<img width="1259" height="190" alt="image"
src="https://github.com/user-attachments/assets/c8702492-782e-4ca5-b1da-7e58ca5c3b00"
/>

<img width="1512" height="670" alt="Screenshot 2025-12-11 at 1 10 39 PM"
src="https://github.com/user-attachments/assets/cc29c366-1539-4f68-ae70-5b36de3c0392"
/>

Co-authored-by: Hector Correa <hector_correa@princeton.edu>

Run Details

2974 of 3260 relevant lines covered (91.23%)

1227.56 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

92.31

/app/controllers/request_wizards_controller.rb

# frozen_string_literal: true
class RequestWizardsController < ApplicationController
  layout "wizard"
  before_action :set_breadcrumbs

  before_action :set_request_model, only: %i[save]
  before_action :exit_without_saving, only: %i[save]
  before_action :set_or_init_request_model, only: %i[show]
  before_action :check_access

  attr_reader :request_model

  # GET /request_wizards/1
  def show
    # show the current wizard step form
    render_current
  end

  # PUT /request_wizards/1/save
  def save
    # save and render dashboard
    save_request
    case params[:commit]
    when "Back"
      render_back
    when "Next", "Submit"
      render_next
    else
      if params[:commit].start_with?("http")
        # Go directly to the step the user clicked on
        redirect_to params[:commit]
      elsif params[:go_to_dashboard] == "yes"
        # The user clicked on the "Dashboard" breadcrumb
        redirect_to dashboard_path
      else
        redirect_to request_path(@request_model)
      end
    end
  end

  private

    def check_access
      return if user_eligible_to_modify_request?

      # request can not be modified by this user, redirect to dashboard
      error_message = "You do not have access to this page."
      flash[:notice] = error_message
      redirect_to dashboard_path
    end

    def exit_without_saving
      if params[:commit] == "Exit without Saving"
        if @request_model.nil?
          redirect_to dashboard_path
        else
          redirect_to request_path(@request_model)
        end
      end
    end

    def render_current
      raise "Must be implemented"
    end

    def render_next
      raise "Must be implemented"
    end

    def render_back
      raise "Must be implemented"
    end

    # Use callbacks to share common setup or constraints between actions.
    def set_request_model
      # do nothing if we are bailing out without creating a request2
      return if params[:request_id] == "0" && params[:commit] == "Exit without Saving"

      @request_model = if params[:request_id] == "0"
                         # on the first page with a brand new request that has not been created
                         req = Request.create(requested_by: current_user.uid)
                         update_sidebar_url(req)
                         req
                       else
                         # on a page when the request has already been created
                         Request.find(params[:request_id])
                       end
    end

    def update_sidebar_url(request_model)
      return unless params[:commit].start_with?("http")

      # take of the zero in the url and replace it with the real request id
      params[:commit] = "#{params[:commit][0..-2]}#{request_model.id}"
    end

    # set if id is present or initialize a blank request if not
    def set_or_init_request_model
      @princeton_departments = Affiliation.all
      @request_model = if params[:request_id].blank?
                         Request.new(id: 0, requested_by: current_user.uid)
                       else
                         Request.find(params[:request_id])
                       end
    end

    def save_request
      request_model.update(request_params)
    end

    # Only allow a list of trusted parameters through.
    def request_params
      request_params = params.fetch(:request, {}).permit(:request_title, :project_title, :state, :data_sponsor, :data_manager,
                                        :project_purpose, :description, :parent_folder, :project_folder, :project_id, :quota,
                                        :requested_by, :storage_size, :storage_unit, :number_of_files, :hpc, :smb, :globus, user_roles: [], departments: [])
      request_params[:storage_unit] ||= "TB"
      if request_params[:departments].present?
        request_params[:departments] = clean_departments(request_params[:departments])
      end
      if request_params[:user_roles].present?
        request_params[:user_roles] = request_params[:user_roles].compact_blank.map do |role_str|
          json = JSON.parse(role_str)
          json["read_only"] = params[:request]["read_only_#{json['uid']}"] == "true"
          json
        end
      end
      request_params
    end

    def clean_departments(departments)
      uniq_departments = departments.uniq
      uniq_departments.compact_blank.map { |dep_str| JSON.parse(dep_str) }
    end

    def set_breadcrumbs
      add_breadcrumb("Dashboard", dashboard_path)
    end

    def user_eligible_to_modify_request?
      # elevated privs for the current user
      if current_user.sysadmin || (current_user.developer && !Rails.env.production?)
        true
      # current user is the requestor
      elsif (@request_model.requested_by == current_user.uid) && !@request_model.submitted?
        true
      # a brand new request
      elsif params[:request_id].blank?
        true
      # no access for any other reason
      else
        false
      end
    end
end

1	# frozen_string_literal: true
2	class RequestWizardsController < ApplicationController	6✔
3	layout "wizard"	6✔
4	before_action :set_breadcrumbs	6✔
5
6	before_action :set_request_model, only: %i[save]	6✔
7	before_action :exit_without_saving, only: %i[save]	6✔
8	before_action :set_or_init_request_model, only: %i[show]	6✔
9	before_action :check_access	6✔
10
11	attr_reader :request_model	6✔
12
13	# GET /request_wizards/1
14	def show	6✔
15	# show the current wizard step form
16	render_current	154✔
17	end
18
19	# PUT /request_wizards/1/save
20	def save	6✔
21	# save and render dashboard
22	save_request	176✔
23	case params[:commit]	176✔
24	when "Back"
25	render_back	38✔
26	when "Next", "Submit"
27	render_next	64✔
28	else
29	if params[:commit].start_with?("http")	74✔
30	# Go directly to the step the user clicked on
31	redirect_to params[:commit]	12✔
32	elsif params[:go_to_dashboard] == "yes"	62✔
33	# The user clicked on the "Dashboard" breadcrumb
34	redirect_to dashboard_path	×
35	else
36	redirect_to request_path(@request_model)	62✔
37	end
38	end
39	end
40
41	private	6✔
42
43	def check_access	6✔
44	return if user_eligible_to_modify_request?	396✔
45
46	# request can not be modified by this user, redirect to dashboard
47	error_message = "You do not have access to this page."	66✔
48	flash[:notice] = error_message	66✔
49	redirect_to dashboard_path	66✔
50	end
51
52	def exit_without_saving	6✔
53	if params[:commit] == "Exit without Saving"	206✔
54	if @request_model.nil?	2✔
55	redirect_to dashboard_path	2✔
56	else
57	redirect_to request_path(@request_model)	×
58	end
59	end
60	end
61
62	def render_current	6✔
63	raise "Must be implemented"	×
64	end
65
66	def render_next	6✔
67	raise "Must be implemented"	×
68	end
69
70	def render_back	6✔
71	raise "Must be implemented"	×
72	end
73
74	# Use callbacks to share common setup or constraints between actions.
75	def set_request_model	6✔
76	# do nothing if we are bailing out without creating a request2
77	return if params[:request_id] == "0" && params[:commit] == "Exit without Saving"	206✔
78
79	@request_model = if params[:request_id] == "0"	204✔
80	# on the first page with a brand new request that has not been created
81	req = Request.create(requested_by: current_user.uid)	22✔
82	update_sidebar_url(req)	22✔
83	req	22✔
84	else
85	# on a page when the request has already been created
86	Request.find(params[:request_id])	182✔
87	end
88	end
89
90	def update_sidebar_url(request_model)	6✔
91	return unless params[:commit].start_with?("http")	22✔
92
93	# take of the zero in the url and replace it with the real request id
94	params[:commit] = "#{params[:commit][0..-2]}#{request_model.id}"	8✔
95	end
96
97	# set if id is present or initialize a blank request if not
98	def set_or_init_request_model	6✔
99	@princeton_departments = Affiliation.all	192✔
100	@request_model = if params[:request_id].blank?	192✔
101	Request.new(id: 0, requested_by: current_user.uid)	32✔
102	else
103	Request.find(params[:request_id])	160✔
104	end
105	end
106
107	def save_request	6✔
108	request_model.update(request_params)	176✔
109	end
110
111	# Only allow a list of trusted parameters through.
112	def request_params	6✔
113	request_params = params.fetch(:request, {}).permit(:request_title, :project_title, :state, :data_sponsor, :data_manager,	176✔
114	:project_purpose, :description, :parent_folder, :project_folder, :project_id, :quota,
115	:requested_by, :storage_size, :storage_unit, :number_of_files, :hpc, :smb, :globus, user_roles: [], departments: [])
116	request_params[:storage_unit] \|\|= "TB"	176✔
117	if request_params[:departments].present?	176✔
118	request_params[:departments] = clean_departments(request_params[:departments])	50✔
119	end
120	if request_params[:user_roles].present?	176✔
121	request_params[:user_roles] = request_params[:user_roles].compact_blank.map do \|role_str\|	6✔
122	json = JSON.parse(role_str)	8✔
123	json["read_only"] = params[:request]["read_only_#{json['uid']}"] == "true"	8✔
124	json	8✔
125	end
126	end
127	request_params	176✔
128	end
129
130	def clean_departments(departments)	6✔
131	uniq_departments = departments.uniq	50✔
132	uniq_departments.compact_blank.map { \|dep_str\| JSON.parse(dep_str) }	92✔
133	end
134
135	def set_breadcrumbs	6✔
136	add_breadcrumb("Dashboard", dashboard_path)	398✔
137	end
138
139	def user_eligible_to_modify_request?	6✔
140	# elevated privs for the current user
141	if current_user.sysadmin \|\| (current_user.developer && !Rails.env.production?)	396✔
142	true	218✔
143	# current user is the requestor
144	elsif (@request_model.requested_by == current_user.uid) && !@request_model.submitted?	178✔
145	true	112✔
146	# a brand new request
147	elsif params[:request_id].blank?	66✔
148	true	×
149	# no access for any other reason
150	else
151	false	66✔
152	end
153	end
154	end

pulibrary / tigerdata-app / fbcd6d8c-b31b-4741-a97d-288a1eedfe72

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous