metamaps--metamaps/app/controllers/synapses_controller.rb

84 lines
2.1 KiB
Ruby
Raw Permalink Normal View History

2016-09-24 03:00:46 +00:00
# frozen_string_literal: true
2012-10-10 00:23:45 +00:00
class SynapsesController < ApplicationController
include TopicsHelper
2012-10-10 00:23:45 +00:00
2016-02-28 09:48:18 +00:00
before_action :require_user, only: [:create, :update, :destroy]
after_action :verify_authorized, except: :index
after_action :verify_policy_scoped, only: :index
2014-07-29 17:34:10 +00:00
respond_to :json
2014-07-29 17:34:10 +00:00
# GET /synapses/1.json
def show
@synapse = Synapse.find(params[:id])
2016-03-12 00:10:30 +00:00
authorize @synapse
2014-07-29 17:34:10 +00:00
render json: @synapse
end
2014-07-27 19:57:35 +00:00
# POST /synapses
# POST /synapses.json
2012-10-10 00:23:45 +00:00
def create
@synapse = Synapse.new(synapse_params)
@synapse.desc = '' if @synapse.desc.nil?
@synapse.desc.strip! # no trailing/leading whitespace
2017-02-09 21:53:19 +00:00
@synapse.user = current_user
@synapse.updated_by = current_user
# we want invalid params to return :unprocessable_entity
# so we have to authorize AFTER saving. But if authorize
# fails, we need to rollback the SQL transaction
success = nil
ActiveRecord::Base.transaction do
success = @synapse.save
success ? authorize(@synapse) : skip_authorization
end
2014-07-27 19:57:35 +00:00
2012-10-10 00:23:45 +00:00
respond_to do |format|
if success
2014-07-27 19:57:35 +00:00
format.json { render json: @synapse, status: :created }
else
format.json { render json: @synapse.errors, status: :unprocessable_entity }
end
2012-10-10 00:23:45 +00:00
end
end
2014-07-27 19:57:35 +00:00
# PUT /synapses/1
# PUT /synapses/1.json
2012-10-10 00:23:45 +00:00
def update
2014-07-27 19:57:35 +00:00
@synapse = Synapse.find(params[:id])
@synapse.desc = '' if @synapse.desc.nil?
2016-03-12 00:10:30 +00:00
authorize @synapse
2017-02-09 21:53:19 +00:00
@synapse.updated_by = current_user
@synapse.assign_attributes(synapse_params)
respond_to do |format|
2017-02-09 21:53:19 +00:00
if @synapse.save
2014-07-27 19:57:35 +00:00
format.json { head :no_content }
else
format.json { render json: @synapse.errors, status: :unprocessable_entity }
end
end
end
# DELETE synapses/:id
2012-10-10 00:23:45 +00:00
def destroy
@synapse = Synapse.find(params[:id])
2016-03-12 00:10:30 +00:00
authorize @synapse
2017-02-09 21:53:19 +00:00
@synapse.updated_by = current_user
@synapse.destroy
2014-07-27 19:57:35 +00:00
respond_to do |format|
2014-08-12 22:14:04 +00:00
format.json { head :no_content }
2014-07-27 19:57:35 +00:00
end
2012-10-10 00:23:45 +00:00
end
2015-09-19 08:26:34 +00:00
private
def synapse_params
params.require(:synapse).permit(
2017-02-09 21:53:19 +00:00
:id, :desc, :category, :weight, :permission, :topic1_id, :topic2_id
)
2015-09-19 08:26:34 +00:00
end
2012-10-10 00:23:45 +00:00
end