danbooru/app/controllers/user_feedbacks_controller.rb
evazion 0ad42d23c9 models: refactor search visibility methods.
Refactor how model visibility works in index actions:

* Call `visible` in the controller instead of in model `search`
  methods. This decouples model visibility from model searching.

* Explicitly pass CurrentUser when calling `visible`. This reduces
  hidden dependencies on the current user inside models.

* Standardize on calling the method `visible`. In some places it was
  called `permitted` instead.

* Add a `visible` base method to ApplicationModel.
2020-02-19 17:08:59 -06:00

54 lines
1.6 KiB
Ruby

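# Controller for user feedback records: new/edit forms plus the show, index,
# create and update actions.
#
# Access control, as visible in this file:
# * `gold_only` runs before new, edit, create and update. It is defined outside
#   this file; presumably it restricts those actions to Gold-level users
#   (confirm against ApplicationController). show and index have no such filter.
# * Every lookup and listing is scoped through
#   `UserFeedback.visible(CurrentUser.user)`, so authorization of which rows can
#   be loaded depends on an explicitly passed user rather than on a default
#   inside the model.
# * edit and update additionally require `editable_by?(CurrentUser.user)`.
# * Mass assignment is restricted to a per-action allowlist built in
#   `user_feedback_params`.
class UserFeedbacksController < ApplicationController
  before_action :gold_only, only: %i[new edit create update]
  respond_to :html, :xml, :json, :js

  # Builds an unsaved feedback record, prefilled from the create-time allowlist.
  def new
    @user_feedback = UserFeedback.new(user_feedback_params(:create))
    respond_with(@user_feedback)
  end

  # Loads a visible feedback record for editing.
  #
  # @raise [ActiveRecord::RecordNotFound] if the id is not in the visible scope
  # @raise [User::PrivilegeError] if the current user may not edit the record
  def edit
    @user_feedback = visible_feedbacks.find(params[:id])
    check_privilege(@user_feedback)
    respond_with(@user_feedback)
  end

  # Shows a single feedback record from the visible scope.
  #
  # @raise [ActiveRecord::RecordNotFound] if the id is not in the visible scope
  def show
    @user_feedback = visible_feedbacks.find(params[:id])
    respond_with(@user_feedback)
  end

  # Lists visible feedback records, filtered and paginated from the request params.
  def index
    @user_feedbacks = visible_feedbacks.paginated_search(params, count_pages: true)
    # Preload the associations only for HTML responses.
    @user_feedbacks = @user_feedbacks.includes(:user, :creator) if request.format.html?
    respond_with(@user_feedbacks)
  end

  # Creates a feedback record. The creator is always taken from the session's
  # current user and merged in after `permit`, so it cannot be supplied by the
  # client.
  def create
    attributes = user_feedback_params(:create).merge(creator: CurrentUser.user)
    @user_feedback = UserFeedback.create(attributes)
    respond_with(@user_feedback)
  end

  # Updates a visible feedback record after the object-level privilege check.
  #
  # @raise [ActiveRecord::RecordNotFound] if the id is not in the visible scope
  # @raise [User::PrivilegeError] if the current user may not edit the record
  def update
    @user_feedback = visible_feedbacks.find(params[:id])
    check_privilege(@user_feedback)
    @user_feedback.update(user_feedback_params(:update, @user_feedback))
    respond_with(@user_feedback)
  end

  private

  # The feedback records the current user is allowed to see. Passing the user
  # explicitly keeps every action consistent with how index scopes its query.
  def visible_feedbacks
    UserFeedback.visible(CurrentUser.user)
  end

  # Object-level authorization for edit/update.
  #
  # @param user_feedback [UserFeedback] the record about to be edited
  # @raise [User::PrivilegeError] unless the record is editable by the current user
  def check_privilege(user_feedback)
    raise User::PrivilegeError unless user_feedback.editable_by?(CurrentUser.user)
  end

  # Builds the strong-parameters allowlist for the given action context.
  #
  # `body` and `category` are always permitted. `user_id` and `user_name` are
  # permitted only on create. `is_deleted` is permitted only on update, and only
  # when the record reports it is deletable by the current user.
  #
  # @param context [Symbol] :create or :update
  # @param user_feedback [UserFeedback, nil] the record being updated, if any
  # @return [ActionController::Parameters] the permitted attributes
  def user_feedback_params(context, user_feedback = nil)
    permitted_params = %i[body category]
    permitted_params += %i[user_id user_name] if context == :create
    # Safe navigation: with no record to check against, is_deleted stays out of
    # the allowlist (fail closed) instead of raising NoMethodError on nil.
    can_delete = context == :update && user_feedback&.deletable_by?(CurrentUser.user)
    permitted_params += %i[is_deleted] if can_delete
    params.fetch(:user_feedback, {}).permit(permitted_params)
  end
end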