autocomplete_controller.rb 1.29 KB
Newer Older
1
class AutocompleteController < ApplicationController
2 3
  skip_before_action :authenticate_user!, only: [:users]

4
  def users
5 6 7 8
    begin
      @users =
        if params[:project_id].present?
          project = Project.find(params[:project_id])
9

10 11 12 13 14
          if can?(current_user, :read_project, project)
            project.team.users
          end
        elsif params[:group_id]
          group = Group.find(params[:group_id])
15

16 17 18 19 20
          if can?(current_user, :read_group, group)
            group.users
          end
        elsif current_user
          User.all
21
        end
22 23 24
    rescue ActiveRecord::RecordNotFound
      if current_user
        return render json: {}, status: 404
25
      end
26 27 28 29 30
    end

    if @users.nil? && current_user.nil?
      authenticate_user!
    end
31

32
    @users ||= User.none
33 34 35
    @users = @users.search(params[:search]) if params[:search].present?
    @users = @users.active
    @users = @users.page(params[:page]).per(PER_PAGE)
36 37
    # Always include current user if available to filter by "Me"
    @users = User.find(@users.pluck(:id) + [current_user.id]).uniq if current_user
38 39 40 41 42 43 44 45
    render json: @users, only: [:name, :username, :id], methods: [:avatar_url]
  end

  def user
    @user = User.find(params[:id])
    render json: @user, only: [:name, :username, :id], methods: [:avatar_url]
  end
end