pundit: convert tags to pundit.
This commit is contained in:
@@ -1,15 +1,13 @@
|
||||
class TagsController < ApplicationController
|
||||
before_action :member_only, :only => [:edit, :update]
|
||||
respond_to :html, :xml, :json
|
||||
|
||||
def edit
|
||||
@tag = Tag.find(params[:id])
|
||||
check_privilege(@tag)
|
||||
@tag = authorize Tag.find(params[:id])
|
||||
respond_with(@tag)
|
||||
end
|
||||
|
||||
def index
|
||||
@tags = Tag.paginated_search(params, hide_empty: true)
|
||||
@tags = authorize Tag.paginated_search(params, hide_empty: true)
|
||||
@tags = @tags.includes(:consequent_aliases) if request.format.html?
|
||||
respond_with(@tags)
|
||||
end
|
||||
@@ -27,27 +25,13 @@ class TagsController < ApplicationController
|
||||
end
|
||||
|
||||
def show
|
||||
@tag = Tag.find(params[:id])
|
||||
@tag = authorize Tag.find(params[:id])
|
||||
respond_with(@tag)
|
||||
end
|
||||
|
||||
def update
|
||||
@tag = Tag.find(params[:id])
|
||||
check_privilege(@tag)
|
||||
@tag.update(tag_params)
|
||||
@tag = authorize Tag.find(params[:id])
|
||||
@tag.update(permitted_attributes(@tag))
|
||||
respond_with(@tag)
|
||||
end
|
||||
|
||||
private
|
||||
|
||||
def check_privilege(tag)
|
||||
raise User::PrivilegeError unless tag.editable_by?(CurrentUser.user)
|
||||
end
|
||||
|
||||
def tag_params
|
||||
permitted_params = [:category]
|
||||
permitted_params << :is_locked if CurrentUser.is_moderator?
|
||||
|
||||
params.require(:tag).permit(permitted_params)
|
||||
end
|
||||
end
|
||||
|
||||
Reference in New Issue
Block a user