diff --git a/CHANGELOG.md b/CHANGELOG.md index c06babae56..b3cd9ed00d 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,6 @@ # Changelog +- Fix Handling of `attrs[:managed]` + Refactor `OrgsController#admin_update` [#3529](https://github.com/DMPRoadmap/roadmap/pull/3529) - Updated seeds.rb file for identifier_schemes to include context value and removed logo_url and idenitifier_prefix for Shibboleth (as it was causing issues with SSO). [#3525](https://github.com/DMPRoadmap/roadmap/pull/3525) - Adjustments to style of select tags and plan download layout [#3509](https://github.com/DMPRoadmap/roadmap/pull/3509) - Fix failing eslint workflow / upgrade `actions/checkout` & `actions/setup-node` to v3 [#3503](https://github.com/DMPRoadmap/roadmap/pull/3503) diff --git a/app/controllers/orgs_controller.rb b/app/controllers/orgs_controller.rb index ed0e3f78df..24cff84884 100644 --- a/app/controllers/orgs_controller.rb +++ b/app/controllers/orgs_controller.rb @@ -33,41 +33,17 @@ def admin_update @org = Org.find(params[:id]) authorize @org - # If a new logo was supplied then use it, otherwise retain the existing one - attrs[:logo] = attrs[:logo].present? ? attrs[:logo] : @org.logo - # Remove the logo if the user checked the box - attrs[:logo] = nil if attrs[:remove_logo] == '1' + attrs = handle_logo(attrs) tab = (attrs[:feedback_enabled].present? ? 'feedback' : 'profile') @org.links = ActiveSupport::JSON.decode(params[:org_links]) if params[:org_links].present? # Only allow super admins to change the org types and shib info if current_user.can_super_admin? - identifiers = [] - attrs[:managed] = attrs[:managed] == '1' - - # Handle Shibboleth identifier if that is enabled - if Rails.configuration.x.shibboleth.use_filtered_discovery_service - shib = IdentifierScheme.by_name('shibboleth').first - - if shib.present? && attrs[:identifiers_attributes].present? - key = attrs[:identifiers_attributes].keys.first - entity_id = attrs[:identifiers_attributes][:"#{key}"][:value] - # rubocop:disable Metrics/BlockNesting - if entity_id.present? - identifier = Identifier.find_or_initialize_by( - identifiable: @org, identifier_scheme: shib, value: entity_id - ) - @org = process_identifier_change(org: @org, identifier: identifier) - else - # The user blanked out the entityID so delete the record - @org.identifier_for_scheme(scheme: shib)&.destroy - end - # rubocop:enable Metrics/BlockNesting - end - attrs.delete(:identifiers_attributes) - end + attrs = handle_managed_flag(attrs) + attrs = handle_shibboleth_identifier(attrs) + identifiers = [] # See if the user selected a new Org via the Org Lookup and # convert it into an Org lookup = org_from_params(params_in: attrs) @@ -236,6 +212,48 @@ def search_params params.require(:org).permit(:name, :type) end + def handle_logo(attrs) + # If a new logo was supplied then use it, otherwise retain the existing one + attrs[:logo] = attrs[:logo].present? ? attrs[:logo] : @org.logo + # Remove the logo if the user checked the box + attrs[:logo] = nil if attrs[:remove_logo] == '1' + attrs + end + + def handle_managed_flag(attrs) + # NOTE: The :managed param is controlled by a check_box in the form + # `app/views/orgs/_profile_form.html.erb`. + # NOTE: :managed is not present when a super admin updates an org + # by clicking "Save" while on the "Request feedback" tab + attrs[:managed] = (attrs[:managed] == '1') if attrs.key?(:managed) + attrs + end + + # Updates the @org's Shibboleth identifier(s) if the required conditions are met + # rubocop:disable Metrics/AbcSize + def handle_shibboleth_identifier(attrs) + return attrs unless Rails.configuration.x.shibboleth.use_filtered_discovery_service + + shib = IdentifierScheme.by_name('shibboleth').first + + if shib.present? && attrs[:identifiers_attributes].present? + key = attrs[:identifiers_attributes].keys.first + entity_id = attrs[:identifiers_attributes][:"#{key}"][:value] + if entity_id.present? + identifier = Identifier.find_or_initialize_by( + identifiable: @org, identifier_scheme: shib, value: entity_id + ) + @org = process_identifier_change(org: @org, identifier: identifier) + else + # The user blanked out the entityID so delete the record + @org.identifier_for_scheme(scheme: shib)&.destroy + end + end + attrs.delete(:identifiers_attributes) + attrs + end + # rubocop:enable Metrics/AbcSize + def shib_login_url shib_login = Rails.configuration.x.shibboleth.login_url "#{request.base_url.gsub('http:', 'https:')}#{shib_login}"