jaculabilis/danbooru
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

pundit: convert favorite groups to pundit.

Browse Source
This commit is contained in:
evazion
2020-03-19 18:12:16 -05:00
parent 50fa674a3e
commit 2c4c29b81a
9 changed files with 80 additions and 54 deletions
Download Patch File Download Diff File Expand all files Collapse all files

39
app/controllers/favorite_groups_controller.rb
View File

@@ -1,10 +1,9 @@
class FavoriteGroupsController < ApplicationController
before_action :member_only, :except => [:index, :show]
respond_to :html, :xml, :json, :js
def index
params[:search][:creator_id] ||= params[:user_id]
@favorite_groups = FavoriteGroup.visible(CurrentUser.user).paginated_search(params)
@favorite_groups = authorize FavoriteGroup.visible(CurrentUser.user).paginated_search(params)
@favorite_groups = @favorite_groups.includes(:creator) if request.format.html?
respond_with(@favorite_groups)
@@ -13,33 +12,31 @@ class FavoriteGroupsController < ApplicationController
def show
limit = params[:limit].presence || CurrentUser.user.per_page
@favorite_group = FavoriteGroup.find(params[:id])
check_read_privilege(@favorite_group)
@favorite_group = authorize FavoriteGroup.find(params[:id])
@posts = @favorite_group.posts.paginate(params[:page], limit: limit, count: @favorite_group.post_count)
respond_with(@favorite_group)
end
def new
@favorite_group = FavoriteGroup.new
@favorite_group = authorize FavoriteGroup.new
respond_with(@favorite_group)
end
def create
@favorite_group = CurrentUser.favorite_groups.create(favgroup_params)
@favorite_group = authorize FavoriteGroup.new(creator: CurrentUser.user, **permitted_attributes(FavoriteGroup))
@favorite_group.save
respond_with(@favorite_group)
end
def edit
@favorite_group = FavoriteGroup.find(params[:id])
check_write_privilege(@favorite_group)
@favorite_group = authorize FavoriteGroup.find(params[:id])
respond_with(@favorite_group)
end
def update
@favorite_group = FavoriteGroup.find(params[:id])
check_write_privilege(@favorite_group)
@favorite_group.update(favgroup_params)
@favorite_group = authorize FavoriteGroup.find(params[:id])
@favorite_group.update(permitted_attributes(@favorite_group))
unless @favorite_group.errors.any?
flash[:notice] = "Favorite group updated"
end
@@ -47,31 +44,15 @@ class FavoriteGroupsController < ApplicationController
end
def destroy
@favorite_group = FavoriteGroup.find(params[:id])
check_write_privilege(@favorite_group)
@favorite_group = authorize FavoriteGroup.find(params[:id])
@favorite_group.destroy!
flash[:notice] = "Favorite group deleted" if request.format.html?
respond_with(@favorite_group, location: favorite_groups_path(search: { creator_name: CurrentUser.name }))
end
def add_post
@favorite_group = FavoriteGroup.find(params[:id])
check_write_privilege(@favorite_group)
@favorite_group = authorize FavoriteGroup.find(params[:id])
@post = Post.find(params[:post_id])
@favorite_group.add!(@post)
end
private
def check_write_privilege(favgroup)
raise User::PrivilegeError unless favgroup.editable_by?(CurrentUser.user)
end
def check_read_privilege(favgroup)
raise User::PrivilegeError unless favgroup.viewable_by?(CurrentUser.user)
end
def favgroup_params
params.fetch(:favorite_group, {}).permit(%i[name post_ids post_ids_string is_public], post_ids: [])
end
end