2e9f4dc2f4
Refactor controllers so that endpoint rate limits are declared locally, with the endpoint, instead of globally, in a single method in ApplicationController. This way an endpoint's rate limit is declared in the same file as the endpoint itself. This is so we can add fine-grained rate limits for certain GET requests. Before rate limits were only for non-GET requests.
31 lines
1.0 KiB
Ruby
31 lines
1.0 KiB
Ruby
class ModerationReportsController < ApplicationController
|
|
respond_to :html, :xml, :json, :js
|
|
|
|
rate_limit :create, rate: 1.0/1.minute, burst: 10
|
|
|
|
def new
|
|
@moderation_report = authorize ModerationReport.new(permitted_attributes(ModerationReport))
|
|
respond_with(@moderation_report)
|
|
end
|
|
|
|
def index
|
|
@moderation_reports = authorize ModerationReport.visible(CurrentUser.user).paginated_search(params, count_pages: true)
|
|
@moderation_reports = @moderation_reports.includes(:creator, :model) if request.format.html?
|
|
|
|
respond_with(@moderation_reports)
|
|
end
|
|
|
|
def show
|
|
authorize ModerationReport
|
|
redirect_to moderation_reports_path(search: { id: params[:id] })
|
|
end
|
|
|
|
def create
|
|
@moderation_report = authorize ModerationReport.new(creator: CurrentUser.user, **permitted_attributes(ModerationReport))
|
|
@moderation_report.save
|
|
|
|
flash.now[:notice] = @moderation_report.valid? ? "Report submitted" : @moderation_report.errors.full_messages.join("; ")
|
|
respond_with(@moderation_report)
|
|
end
|
|
end
|