pundit: convert artists to pundit.

evazion
2020-03-17 20:22:26 -05:00
parent 79a365abe0
commit ff1d71af2e
5 changed files with 155 additions and 130 deletions


@@ -1,16 +1,14 @@
class ArtistsController < ApplicationController
respond_to :html, :xml, :json, :js
before_action :member_only, :except => [:index, :show, :show_or_new, :banned]
before_action :admin_only, :only => [:ban, :unban]
before_action :load_artist, :only => [:ban, :unban, :show, :edit, :update, :destroy, :undelete]
def new
@artist = Artist.new_with_defaults(artist_params(:new))
@artist = authorize Artist.new_with_defaults(permitted_attributes(Artist))
@artist.build_wiki_page if @artist.wiki_page.nil?
respond_with(@artist)
end
def edit
@artist = authorize Artist.find(params[:id])
@artist.build_wiki_page if @artist.wiki_page.nil?
respond_with(@artist)
end
@@ -20,11 +18,13 @@ class ArtistsController < ApplicationController
end
def ban
@artist = authorize Artist.find(params[:id])
@artist.ban!(banner: CurrentUser.user)
redirect_to(artist_path(@artist), :notice => "Artist was banned")
end
def unban
@artist = authorize Artist.find(params[:id])
@artist.unban!
redirect_to(artist_path(@artist), :notice => "Artist was unbanned")
end
@@ -32,35 +32,38 @@ class ArtistsController < ApplicationController
def index
# XXX
params[:search][:name] = params.delete(:name) if params[:name]
@artists = Artist.paginated_search(params)
@artists = authorize Artist.paginated_search(params)
@artists = @artists.includes(:urls, :tag) if request.format.html?
respond_with(@artists)
end
def show
@artist = Artist.find(params[:id])
@artist = authorize Artist.find(params[:id])
respond_with(@artist)
end
def create
@artist = Artist.create(artist_params)
@artist = authorize Artist.new(permitted_attributes(Artist))
@artist.save
respond_with(@artist)
end
def update
@artist.update(artist_params)
@artist = authorize Artist.find(params[:id])
@artist.update(permitted_attributes(@artist))
flash[:notice] = @artist.valid? ? "Artist updated" : @artist.errors.full_messages.join("; ")
respond_with(@artist)
end
def destroy
@artist = authorize Artist.find(params[:id])
@artist.update_attribute(:is_deleted, true)
redirect_to(artist_path(@artist), :notice => "Artist deleted")
end
def revert
@artist = Artist.find(params[:id])
@artist = authorize Artist.find(params[:id])
@version = @artist.versions.find(params[:version_id])
@artist.revert_to!(@version)
respond_with(@artist)
@@ -88,16 +91,4 @@ class ArtistsController < ApplicationController
true
end
end
def load_artist
@artist = Artist.find(params[:id])
end
def artist_params(context = nil)
permitted_params = %i[name other_names other_names_string group_name url_string notes is_deleted]
permitted_params << { wiki_page_attributes: %i[id body] }
permitted_params << :source if context == :new
params.fetch(:artist, {}).permit(permitted_params)
end
end
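Review bot: With the `member_only` and `admin_only` filters removed from the top of the class, access control rests on every action calling `authorize`, and nothing in the visible hunks enforces that; actions outside the hunks cannot be checked from here. If ApplicationController does not already do so, add `after_action :verify_authorized` so an action that omits the call fails closed instead of being served without a check. Separately, the removed `artist_params` read `params.fetch(:artist, {})`, while Pundit's stock `permitted_attributes` uses `params.require`. So `new` without an `artist` parameter would raise `ActionController::ParameterMissing` unless `pundit_params_for` is overridden elsewhere.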


@@ -0,0 +1,21 @@
class ArtistPolicy < ApplicationPolicy
def ban?
user.is_admin? && !record.is_banned?
end
def unban?
user.is_admin? && record.is_banned?
end
def revert?
unbanned?
end
def permitted_attributes
[:name, :other_names, :other_names_string, :group_name, :url_string, :is_deleted, { wiki_page_attributes: [:id, :body] }]
end
def permitted_attributes_for_new
permitted_attributes + [:source]
end
end
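Review bot: `permitted_attributes` includes `:is_deleted`, so any user who passes `update?` (or `create?`) can soft-delete or undelete an artist through mass assignment without `destroy?` being consulted. That matches the removed `artist_params` list, but it means `destroy?` (not defined here, presumably inherited from ApplicationPolicy) is not the only gate on deletion. Either document this on the method, e.g. `# :is_deleted is writable via update, so update? also governs delete/undelete`, or leave `:is_deleted` out of the list unless `destroy?` holds. `revert?` likewise depends on `unbanned?`, which is defined outside this file.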


@@ -2,7 +2,7 @@
<%= quick_search_form_for(:any_name_or_url_matches, artists_path, "artists", autocomplete: "artist", redirect: true) %>
<%= subnav_link_to "Listing", artists_path %>
<%= subnav_link_to "Banned", artists_path(search: { is_banned: "true", order: "updated_at" }) %>
<% if CurrentUser.is_member? %>
<% if policy(Artist).create? %>
<%= subnav_link_to "New", new_artist_path %>
<% end %>
<%= subnav_link_to "Recent changes", artist_versions_path %>
@@ -11,23 +11,21 @@
<li>|</li>
<%= subnav_link_to "Posts (#{@artist.tag.try(:post_count).to_i})", posts_path(:tags => @artist.name) %>
<%= subnav_link_to "Show", artist_path(@artist) %>
<% if CurrentUser.is_member? %>
<% if policy(@artist).update? %>
<%= subnav_link_to "Edit", edit_artist_path(@artist), :"data-shortcut" => "e" %>
<% end %>
<%= subnav_link_to "History", artist_versions_path(:search => {:artist_id => @artist.id}) %>
<% if CurrentUser.is_member? %>
<% if policy(@artist).update? %>
<% if @artist.is_deleted? %>
<%= subnav_link_to "Undelete", artist_path(@artist, format: "js"), method: :put, data: {confirm: "Are you sure you want to undelete this artist?", params: "artist[is_deleted]=false"}, remote: true %>
<% else %>
<%= subnav_link_to "Delete", artist_path(@artist), method: :delete, "data-shortcut": "shift+d", "data-confirm": "Are you sure you want to delete this artist?" %>
<% end %>
<% end %>
<% if CurrentUser.is_admin? %>
<% if @artist.is_banned? %>
<%= subnav_link_to "Unban", unban_artist_path(@artist), :method => :put, :data => {:confirm => "Are you sure you want to unban this artist?"} %>
<% else %>
<%= subnav_link_to "Ban", ban_artist_path(@artist), :method => :put, :data => {:confirm => "Are you sure you want to ban this artist?"} %>
<% end %>
<% if policy(@artist).unban? %>
<%= subnav_link_to "Unban", unban_artist_path(@artist), :method => :put, :data => {:confirm => "Are you sure you want to unban this artist?"} %>
<% elsif policy(@artist).ban? %>
<%= subnav_link_to "Ban", ban_artist_path(@artist), :method => :put, :data => {:confirm => "Are you sure you want to ban this artist?"} %>
<% end %>
<% end %>
<% end %>
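Review bot: The Delete link is shown under `policy(@artist).update?`, but it issues a DELETE to `artist_path`, which the controller's `destroy` action authorizes with `destroy?`. If the two predicates ever diverge, the link will either be shown to users who are then refused or hidden from users who are allowed. Gate that branch on the matching predicate, e.g. `<% if policy(@artist).destroy? %>` around the Delete link, and keep `update?` for Undelete, which goes through `update` with `artist[is_deleted]=false`. These view checks only hide links; the `authorize` calls in the controller remain the enforcement point.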


@@ -30,7 +30,7 @@
<%= time_ago_in_words_tagged(artist.updated_at) %>
<% end %>
<% t.column column: "control" do |artist| %>
<% if CurrentUser.is_member? %>
<% if policy(artist).update? %>
<%= link_to "Edit", edit_artist_path(artist) %>
<% if artist.is_deleted? %>