97 lines
2.2 KiB
Ruby
97 lines
2.2 KiB
Ruby
class PostsController < ApplicationController
|
|
load_and_authorize_resource
|
|
|
|
#####
|
|
## Comment this line to allow guest users to edit and supply random user_ids
|
|
#before_filter :authorize_update_for_real, :only => :update
|
|
#####
|
|
|
|
# GET /posts
|
|
# GET /posts.json
|
|
def index
|
|
#@posts = Post.all
|
|
|
|
respond_to do |format|
|
|
format.html # index.html.erb
|
|
format.json { render json: @posts }
|
|
end
|
|
end
|
|
|
|
# GET /posts/1
|
|
# GET /posts/1.json
|
|
def show
|
|
#@post = Post.find(params[:id])
|
|
|
|
respond_to do |format|
|
|
format.html # show.html.erb
|
|
format.json { render json: @post }
|
|
end
|
|
end
|
|
|
|
# GET /posts/new
|
|
# GET /posts/new.json
|
|
def new
|
|
#@post = Post.new
|
|
|
|
respond_to do |format|
|
|
format.html # new.html.erb
|
|
format.json { render json: @post }
|
|
end
|
|
end
|
|
|
|
# GET /posts/1/edit
|
|
def edit
|
|
#@post = Post.find(params[:id])
|
|
end
|
|
|
|
# POST /posts
|
|
# POST /posts.json
|
|
def create
|
|
#@post = Post.new(params[:post])
|
|
|
|
respond_to do |format|
|
|
if @post.save
|
|
format.html { redirect_to posts_url, notice: 'Post was successfully created.' }
|
|
format.json { render json: @post, status: :created, location: @post }
|
|
else
|
|
format.html { render action: "new" }
|
|
format.json { render json: @post.errors, status: :unprocessable_entity }
|
|
end
|
|
end
|
|
end
|
|
|
|
def authorize_update_for_real
|
|
@post = Post.find(params[:id])
|
|
@post.assign_attributes(params[:post])
|
|
authorize! :edit, @post
|
|
end
|
|
|
|
# PUT /posts/1
|
|
# PUT /posts/1.json
|
|
def update
|
|
#@post = Post.find(params[:id])
|
|
|
|
respond_to do |format|
|
|
if @post.update_attributes(params[:post])
|
|
format.html { redirect_to posts_url, notice: 'Post was successfully updated.' }
|
|
format.json { head :no_content }
|
|
else
|
|
format.html { render action: "edit" }
|
|
format.json { render json: @post.errors, status: :unprocessable_entity }
|
|
end
|
|
end
|
|
end
|
|
|
|
# DELETE /posts/1
|
|
# DELETE /posts/1.json
|
|
def destroy
|
|
#@post = Post.find(params[:id])
|
|
@post.destroy
|
|
|
|
respond_to do |format|
|
|
format.html { redirect_to posts_url }
|
|
format.json { head :no_content }
|
|
end
|
|
end
|
|
end
|