From 8d342e0402d0f4b858c77469ca01f428a45503f0 Mon Sep 17 00:00:00 2001 From: Luc Donnet Date: Thu, 13 Jul 2017 15:34:41 +0200 Subject: Fix footnotes policy Refs #4094 @2 --- app/controllers/line_footnotes_controller.rb | 29 +++++++++++----------------- 1 file changed, 11 insertions(+), 18 deletions(-) (limited to 'app/controllers/line_footnotes_controller.rb') diff --git a/app/controllers/line_footnotes_controller.rb b/app/controllers/line_footnotes_controller.rb index 6a9048392..f24d624d4 100644 --- a/app/controllers/line_footnotes_controller.rb +++ b/app/controllers/line_footnotes_controller.rb @@ -1,16 +1,7 @@ -class LineFootnotesController < BreadcrumbController - defaults :resource_class => Chouette::Line - include PolicyChecker - respond_to :json, :only => :show +class LineFootnotesController < ChouetteController + defaults resource_class: Chouette::Line, collection_name: 'lines', instance_name: 'line' belongs_to :referential - def show - show! do - build_breadcrumb :show - end - @footnotes = @line.footnotes - end - def edit edit! do build_breadcrumb :edit @@ -18,25 +9,27 @@ class LineFootnotesController < BreadcrumbController end def update - if @line.update(line_params) - redirect_to referential_line_footnotes_path(@referential, @line) , notice: t('notice.footnotes.updated') - else - render :edit + update! do |success, failure| + success.html { redirect_to referential_line_footnotes_path(@referential, @line) , notice: t('notice.footnotes.updated') } + failure.html { render :edit } end end protected + + alias_method :line, :resource + # overrides default def check_policy authorize resource, "#{action_name}_footnote?".to_sym end - private def resource - @referential = Referential.find params[:referential_id] - @line = @referential.lines.find params[:line_id] + @line ||= current_referential.lines.find params[:line_id] end + private + def line_params params.require(:line).permit( { footnotes_attributes: [ :code, :label, :_destroy, :id ] } ) -- cgit v1.2.3 From 383ccd7d1337276c5d086e3dc077c7235fe0541d Mon Sep 17 00:00:00 2001 From: Luc Donnet Date: Thu, 13 Jul 2017 16:44:46 +0200 Subject: Update policies to make a custom behaviour on footnotes Refs #4094 @1 --- app/controllers/line_footnotes_controller.rb | 15 +++++++++++---- 1 file changed, 11 insertions(+), 4 deletions(-) (limited to 'app/controllers/line_footnotes_controller.rb') diff --git a/app/controllers/line_footnotes_controller.rb b/app/controllers/line_footnotes_controller.rb index f24d624d4..581c921e8 100644 --- a/app/controllers/line_footnotes_controller.rb +++ b/app/controllers/line_footnotes_controller.rb @@ -2,6 +2,9 @@ class LineFootnotesController < ChouetteController defaults resource_class: Chouette::Line, collection_name: 'lines', instance_name: 'line' belongs_to :referential + before_action :authorize_resource, only: [:destroy_footnote, :edit_footnote, :show_footnote, :update_footnote] + before_action :authorize_resource_class, only: [:create_footnote, :index_footnote, :new_footnote] + def edit edit! do build_breadcrumb :edit @@ -17,13 +20,17 @@ class LineFootnotesController < ChouetteController protected - alias_method :line, :resource - - # overrides default - def check_policy + protected + def authorize_resource authorize resource, "#{action_name}_footnote?".to_sym end + def authorize_resource_class + authorize resource_class, "#{action_name}_footnote?".to_sym + end + + alias_method :line, :resource + def resource @line ||= current_referential.lines.find params[:line_id] end -- cgit v1.2.3