metamaps--metamaps/app/controllers/api/restful_controller.rb

46 lines
884 B
Ruby
Raw Normal View History

class API::RestfulController < ActionController::Base
2016-03-11 22:37:18 +00:00
include Pundit
include PunditExtra
snorlax_used_rest!
2016-03-11 22:37:18 +00:00
rescue_from(Pundit::NotAuthorizedError) { |e| respond_with_standard_error e, 403 }
load_and_authorize_resource except: [:index, :create]
2016-03-11 06:26:54 +00:00
def create
2016-03-11 22:37:18 +00:00
authorize resource_class
2016-03-11 06:26:54 +00:00
instantiate_resouce
resource.user = current_user
create_action
respond_with_resource
end
private
2016-03-11 22:37:18 +00:00
def accessible_records
if current_user
visible_records
else
public_records
end
end
def current_user
2016-03-11 22:37:18 +00:00
super || token_user || nil
end
def token_user
authenticate_with_http_token do |token, options|
access_token = Token.find_by_token(token)
if access_token
@token_user ||= access_token.user
end
end
end
def permitted_params
@permitted_params ||= PermittedParams.new(params)
end
end