jam-cloud/web/app/controllers/api_retailer_invitations_co...

class ApiRetailerInvitationsController < ApiController

  before_filter :api_signed_in_user
  before_filter :lookup_retailer, :only => [:index, :create]
  before_filter :auth_retailer, :only => [:index, :create]
  before_filter :lookup_retailer_invitation, :only => [:delete, :resend]
  before_filter :auth_retailer_invitation, :only => [:delete, :resend]

  respond_to :json

  def index
    data = RetailerInvitation.index(@retailer, params)

    @retailer_invitations = data[:query]

    @next = data[:next_page]
    render "api_retailer_invitations/index", :layout => nil
  end

  def create
    @retailer_invitation = RetailerInvitation.create(current_user, @retailer, params)

    if @retailer_invitation.errors.any?
      respond_with @retailer_invitation, status: :unprocessable_entity
      return
    end
  end

  def delete
    @retailer_invitation.destroy
    respond_with responder: ApiResponder, :status => 204
  end

  def resend
    @retailer_invitation.resend
  end

  private
  def lookup_retailer_invitation
    @retailer_invitation = RetailerInvitation.find_by_id(params[:invitation_id])
    raise ActiveRecord::RecordNotFound, "Can't find retailer invitation" if @retailer_invitation.nil?
  end

  def auth_retailer_invitation
    if current_user.id != @retailer_invitation.retailer.owner.id && current_user.id != @retailer_invitation.retailer.owner.id
      raise JamPermissionError, "You do not have access to this retailer"
    end
  end

  def lookup_retailer
    @retailer = Retailer.find_by_id(params[:id])
    raise ActiveRecord::RecordNotFound, "Can't find retailer" if @retailer.nil?
  end

  def auth_retailer
    if current_user.id != @retailer.owner.id && current_user.id != @retailer.owner.id
      raise JamPermissionError, "You do not have access to this retailer"
    end
  end
end
posa wip 2016-08-31 09:19:16 +00:00			`class ApiRetailerInvitationsController < ApiController`

			`before_filter :api_signed_in_user`
			`before_filter :lookup_retailer, :only => [:index, :create]`
			`before_filter :auth_retailer, :only => [:index, :create]`
			`before_filter :lookup_retailer_invitation, :only => [:delete, :resend]`
			`before_filter :auth_retailer_invitation, :only => [:delete, :resend]`

			`respond_to :json`

			`def index`
			`data = RetailerInvitation.index(@retailer, params)`

			`@retailer_invitations = data[:query]`

			`@next = data[:next_page]`
			`render "api_retailer_invitations/index", :layout => nil`
			`end`

			`def create`
			`@retailer_invitation = RetailerInvitation.create(current_user, @retailer, params)`

			`if @retailer_invitation.errors.any?`
			`respond_with @retailer_invitation, status: :unprocessable_entity`
			`return`
			`end`
			`end`

			`def delete`
			`@retailer_invitation.destroy`
			`respond_with responder: ApiResponder, :status => 204`
			`end`

			`def resend`
			`@retailer_invitation.resend`
			`end`

			`private`
			`def lookup_retailer_invitation`
			`@retailer_invitation = RetailerInvitation.find_by_id(params[:invitation_id])`
			`raise ActiveRecord::RecordNotFound, "Can't find retailer invitation" if @retailer_invitation.nil?`
			`end`

			`def auth_retailer_invitation`
			`if current_user.id != @retailer_invitation.retailer.owner.id && current_user.id != @retailer_invitation.retailer.owner.id`
			`raise JamPermissionError, "You do not have access to this retailer"`
			`end`
			`end`

			`def lookup_retailer`
			`@retailer = Retailer.find_by_id(params[:id])`
			`raise ActiveRecord::RecordNotFound, "Can't find retailer" if @retailer.nil?`
			`end`

			`def auth_retailer`
			`if current_user.id != @retailer.owner.id && current_user.id != @retailer.owner.id`
			`raise JamPermissionError, "You do not have access to this retailer"`
			`end`
			`end`
			`end`