metamaps--metamaps/app/controllers/mappings_controller.rb
2016-09-24 11:00:46 +08:00

66 lines
1.6 KiB
Ruby

# frozen_string_literal: true
class MappingsController < ApplicationController
before_action :require_user, only: [:create, :update, :destroy]
after_action :verify_authorized, except: :index
after_action :verify_policy_scoped, only: :index
respond_to :json
# GET /mappings/1.json
def show
@mapping = Mapping.find(params[:id])
authorize @mapping
render json: @mapping
end
# POST /mappings.json
def create
@mapping = Mapping.new(mapping_params)
authorize @mapping
@mapping.user = current_user
if @mapping.save
render json: @mapping, status: :created
Events::NewMapping.publish!(@mapping, current_user)
else
render json: @mapping.errors, status: :unprocessable_entity
end
end
# PUT /mappings/1.json
def update
@mapping = Mapping.find(params[:id])
authorize @mapping
if @mapping.update_attributes(mapping_params)
head :no_content
else
render json: @mapping.errors, status: :unprocessable_entity
end
end
# DELETE /mappings/1.json
def destroy
@mapping = Mapping.find(params[:id])
authorize @mapping
mappable = @mapping.mappable
if mappable.defer_to_map
mappable.permission = mappable.defer_to_map.permission
mappable.defer_to_map_id = nil
mappable.save
end
@mapping.destroy
head :no_content
end
private
# Never trust parameters from the scary internet, only allow the white list through.
def mapping_params
params.require(:mapping).permit(:id, :xloc, :yloc, :mappable_id, :mappable_type, :map_id)
end
end