| 1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950 |
- class Api::V1::ActivitiesController < ApplicationController
- before_action :set_activity, only: %i[show update destroy]
- before_action :check_login
- before_action :check_owner, only: %i[update destroy]
-
- def index
- render json: Activity.all
- end
-
- def show
- render json: Activity.find(params[:id])
- end
-
- def create
- activity = current_user.created_activities.build(activity_params)
- if activity.save
- render json: activity, status: :created
- else
- render json: { errors: activity.errors }, status: :unprocessable_entity
- end
- end
-
- def update
- if @activity.update(activity_params)
- render json: @product
- else
- render json: @product.erros, status: :unprocessable_entity
- end
- end
-
- def destroy
- @activity.destroy
- head 204
- end
-
- private
-
- # Only allow a trusted parameter "white list" through.
- def activity_params
- params.require(:activity).permit(:name, :author_id, :description, :client)
- end
-
- def set_activity
- @activity = Activity.find(params[:id])
- end
-
- def check_owner
- head :forbidden unless @activity.author_id == current_user&.id
- end
- end
|
