jaculabilis/danbooru
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

pundit: convert posts to pundit.

Browse Source
This commit is contained in:
evazion
2020-03-20 01:55:51 -05:00
parent dd39913e55
commit a5418abb31
18 changed files with 178 additions and 95 deletions
Download Patch File Download Diff File Expand all files Collapse all files

45
app/controllers/posts_controller.rb
View File

@@ -1,17 +1,17 @@
class PostsController < ApplicationController
before_action :member_only, :except => [:show, :show_seq, :index, :home, :random]
respond_to :html, :xml, :json, :js
layout "sidebar"
def index
if params[:md5].present?
@post = Post.find_by!(md5: params[:md5])
@post = authorize Post.find_by!(md5: params[:md5])
respond_with(@post) do |format|
format.html { redirect_to(@post) }
end
else
tag_query = params[:tags] || params.dig(:post, :tags)
@post_set = PostSets::Post.new(tag_query, params[:page], params[:limit], raw: params[:raw], random: params[:random], format: params[:format])
@posts = @post_set.posts
@posts = authorize @post_set.posts
respond_with(@posts) do |format|
format.atom
end
@@ -19,7 +19,7 @@ class PostsController < ApplicationController
end
def show
@post = Post.find(params[:id])
@post = authorize Post.find(params[:id])
if request.format.html?
@comments = @post.comments
@@ -41,6 +41,7 @@ class PostsController < ApplicationController
end
def show_seq
authorize Post
context = PostSearchContext.new(params)
if context.post_id
redirect_to(post_path(context.post_id, q: params[:q]))
@@ -50,19 +51,15 @@ class PostsController < ApplicationController
end
def update
@post = Post.find(params[:id])
@post.update(post_params) if @post.visible?
@post = authorize Post.find(params[:id])
@post.update(permitted_attributes(@post))
respond_with_post_after_update(@post)
end
def revert
@post = Post.find(params[:id])
@post = authorize Post.find(params[:id])
@version = @post.versions.find(params[:version_id])
if @post.visible?
@post.revert_to!(@version)
end
@post.revert_to!(@version)
respond_with(@post) do |format|
format.js
@@ -71,7 +68,7 @@ class PostsController < ApplicationController
def copy_notes
@post = Post.find(params[:id])
@other_post = Post.find(params[:other_post_id].to_i)
@other_post = authorize Post.find(params[:other_post_id].to_i)
@post.copy_notes_to(@other_post)
if @post.errors.any?
@@ -83,7 +80,7 @@ class PostsController < ApplicationController
end
def random
@post = Post.tag_match(params[:tags]).random
@post = authorize Post.tag_match(params[:tags]).random
raise ActiveRecord::RecordNotFound if @post.nil?
respond_with(@post) do |format|
format.html { redirect_to post_path(@post, :tags => params[:tags]) }
@@ -91,17 +88,13 @@ class PostsController < ApplicationController
end
def mark_as_translated
@post = Post.find(params[:id])
@post = authorize Post.find(params[:id])
@post.mark_as_translated(params[:post])
respond_with_post_after_update(@post)
end
private
def tag_query
params[:tags] || (params[:post] && params[:post][:tags])
end
def respond_with_post_after_update(post)
respond_with(post) do |format|
format.html do
@@ -124,18 +117,4 @@ class PostsController < ApplicationController
end
end
end
def post_params
permitted_params = %i[
tag_string old_tag_string
parent_id old_parent_id
source old_source
rating old_rating
has_embedded_notes
]
permitted_params += %i[is_rating_locked is_note_locked] if CurrentUser.is_builder?
permitted_params += %i[is_status_locked] if CurrentUser.is_admin?
params.require(:post).permit(permitted_params)
end
end