50 lines
1.1 KiB
Ruby
50 lines
1.1 KiB
Ruby
class Api::V1::ActivitiesController < ApplicationController
|
|
before_action :set_activity, only: %i[show update destroy]
|
|
before_action :check_login
|
|
before_action :check_owner, only: %i[update destroy]
|
|
|
|
def index
|
|
render json: Activity.all
|
|
end
|
|
|
|
def show
|
|
render json: Activity.find(params[:id])
|
|
end
|
|
|
|
def create
|
|
activity = current_user.created_activities.build(activity_params)
|
|
if activity.save
|
|
render json: activity, status: :created
|
|
else
|
|
render json: { errors: activity.errors }, status: :unprocessable_entity
|
|
end
|
|
end
|
|
|
|
def update
|
|
if @activity.update(activity_params)
|
|
render json: @activity
|
|
else
|
|
render json: @activity.errors, status: :unprocessable_entity
|
|
end
|
|
end
|
|
|
|
def destroy
|
|
@activity.destroy
|
|
head 204
|
|
end
|
|
|
|
private
|
|
|
|
# Only allow a trusted parameter "white list" through.
|
|
def activity_params
|
|
params.require(:activity).permit(:name, :author_id, :description, :client)
|
|
end
|
|
|
|
def set_activity
|
|
@activity = Activity.find(params[:id])
|
|
end
|
|
|
|
def check_owner
|
|
head :forbidden unless @activity.author_id == current_user&.id
|
|
end
|
|
end
|