class ProjectsController < ApplicationController before_action :set_project,

1. class ProjectsController < ApplicationController
2.   before_action :set_project, only: [:show, :edit, :update, :destroy]
3.   skip_after_action :reset_redirect_after_auth, only: [:update, :new]
4.   before_filter :authenticate_redirect_user!, except: [:search, :show, :index]
5.   # GET /projects
6.   def index
7.     @projects = Project.all
8.   end
9.  
10.   # GET /projects/1
11.   def show
12.   end
13.  
14.   # GET /projects/new
15.   def new
16.     @project = Project.new
17.     @project.user = current_user
18.     @project.user.build_bank_account
19.   end
20.  
21.   # GET /projects/1/edit
22.   def edit
23.     @project.user.build_bank_account
24.   end
25.  
26.   # POST /projects
27.   def create
28.     @project = Project.new(project_params)
29.  
30.     if @project.save
31.       session[:tracker] << { event: 'New project', opts: { user: @project.user.full_name, mail: @project.user.email } }
32.       redirect_to @project, notice: t('project.created')
33.     else
34.       render :new
35.     end
36.   end
37.  
38.   # POST /projects/search
39.   def search
40.     query = params[:search] || ''
41.     if query.length >= 2
42.       @projects = Project.where("name LIKE ?", "%#{query}%").limit(10)
43.     else
44.       @projects = Project.all.limit(10)
45.     end
46.     render 'index'
47.   end
48.  
49.   # PATCH/PUT /projects/1
50.   def update
51.     if project_params[:user_attributes][:id].to_i != @project.user.id
52.       flash[:alert] = t('error')
53.       session[:tracker] << { event: 'Suspicious activity', opts: { where: 'project update' } }
54.       render 'home/index'
55.     elsif @project.update(project_params)
56.       redirect_to @project, notice: t('project.updated')
57.     else
58.       render :edit
59.     end
60.   end
61.  
62.   # DELETE /projects/1
63.   def destroy
64.     @project.destroy
65.     redirect_to projects_url, notice: t('project.destroyed')
66.   end
67.  
68.   protected
69.  
70.   def authenticate_redirect_user!
71.     session[:url_after_auth] = request.fullpath
72.     authenticate_user!
73.   end
74.  
75.   private
76.   # Use callbacks to share common setup or constraints between actions.
77.   def set_project
78.     @project = Project.friendly.find(params[:id])
79.   end
80.  
81.   # Only allow a trusted parameter "white list" through.
82.   def project_params
83.     params.require(:project).permit(
84.       Project.permitted_params,
85.       rewards_attributes: Reward.permitted_params,
86.       user_attributes: User.permitted_params
87.     )
88.   end
89. end