Open-Source-Access-Control-.../app/controllers/resources_controller.rb

62 lines
1.8 KiB
Ruby
Raw Normal View History

class ResourcesController < ApplicationController
load_and_authorize_resource
2014-02-09 12:01:52 +00:00
before_filter :load_users
2014-02-09 10:42:17 +00:00
2014-02-09 11:32:45 +00:00
def index
@featured_resource = @resources.where("picture_file_name IS NOT NULL").sample
end
2014-02-09 12:01:52 +00:00
def new
# don't get too excited... for some reason this gets set to the current_user
@resource.user_id = nil
end
2014-02-09 10:42:17 +00:00
def create
2014-02-09 12:13:35 +00:00
@resource.modified_by = current_user.id # log who modified this last
2014-02-09 10:42:17 +00:00
authorize! :create, @resource
respond_to do |format|
if @resource.save
format.html { redirect_to resource_path(@resource), :notice => "Resource was successfully created." }
format.json { head :no_content }
else
format.html { render :action => "new" }
format.json { render :json => @resource.errors, :status => :unprocessable_entity }
end
end
end
def update
2014-02-09 12:13:35 +00:00
@resource.modified_by = current_user.id # log who modified this last
2014-02-09 10:42:17 +00:00
@resource.assign_attributes(params[:resource])
authorize! :update, @resource
respond_to do |format|
if @resource.update_attributes(params[:resource])
format.html { redirect_to resource_path(@resource), :notice => "Resource was successfully updated." }
format.json { head :no_content }
else
format.html { render :action => "edit" }
format.json { render :json => @resource.errors, :status => :unprocessable_entity }
end
end
end
2014-02-09 09:08:08 +00:00
def destroy
@resource.destroy
respond_to do |format|
2014-02-09 10:42:17 +00:00
format.html { redirect_to resources_path, :notice => "Resource was deleted." }
2014-02-09 09:08:08 +00:00
format.json { head :ok }
end
end
2014-02-09 10:42:17 +00:00
def load_users
2014-02-09 12:13:35 +00:00
if can? :assign_user, Resource then
2014-02-09 10:42:17 +00:00
@users = User.accessible_by(current_ability).sort_by(&:name)
else
@users = [current_user]
end
end
end