#472: refactoring, updated the Api::V1::GroupsController and Groups::ProfileController

This commit is contained in:
Vokhmin Alexey V 2015-04-29 01:28:36 +03:00
parent 0b05e688c8
commit b6bf8450f0
8 changed files with 27 additions and 7 deletions

View File

@ -36,7 +36,7 @@ class Api::V1::AdvisoriesController < Api::V1::BaseController
protected protected
def advisory_params def advisory_params
permit_params(:advisory, *policy(Advisory).permitted_attributes) subject_params(Advisory)
end end
def load_build_list def load_build_list

View File

@ -85,7 +85,7 @@ class Api::V1::BaseController < ApplicationController
def update_subject(subject) def update_subject(subject)
authorize subject, :update? authorize subject, :update?
class_name = subject.class.name class_name = subject.class.name
if subject.update_attributes(params[class_name.underscore.to_sym] || {}) if subject.update_attributes(subject_params(subject.class))
render_json_response subject, "#{class_name} has been updated successfully" render_json_response subject, "#{class_name} has been updated successfully"
else else
render_validation_error subject, "#{class_name} has not been updated" render_validation_error subject, "#{class_name} has not been updated"

View File

@ -78,7 +78,7 @@ class Api::V1::BuildListsController < Api::V1::BaseController
private private
def build_list_params def build_list_params
permit_params(:build_list, *policy(BuildList).permitted_attributes) subject_params(BuildList)
end end
# Private: before_action hook which loads BuidList. # Private: before_action hook which loads BuidList.

View File

@ -28,7 +28,7 @@ class Api::V1::GroupsController < Api::V1::BaseController
end end
def create def create
@group = current_user.own_groups.new params[:group] @group = current_user.own_groups.new(group_params)
create_subject @group create_subject @group
end end
@ -49,6 +49,10 @@ class Api::V1::GroupsController < Api::V1::BaseController
private private
def group_params
subject_params(Group)
end
# Private: before_action hook which loads Group. # Private: before_action hook which loads Group.
def load_group def load_group
@group = Group.find params[:id] @group = Group.find params[:id]

View File

@ -8,4 +8,9 @@ module StrongParams
pp = pp[name] || ActionController::Parameters.new pp = pp[name] || ActionController::Parameters.new
end.permit(*accessible.flatten) end.permit(*accessible.flatten)
end end
def subject_params(subject_class)
permit_params(subject_class.name.underscore.to_sym, *policy(subject_class).permitted_attributes)
end
end end

View File

@ -43,7 +43,7 @@ class Groups::ProfileController < Groups::BaseController
end end
def create def create
authorize @group = current_user.own_groups.build(params[:group]) authorize @group = current_user.own_groups.build(group_params)
if @group.save if @group.save
flash[:notice] = t('flash.group.saved') flash[:notice] = t('flash.group.saved')
redirect_to group_path(@group) redirect_to group_path(@group)
@ -56,7 +56,7 @@ class Groups::ProfileController < Groups::BaseController
def update def update
authorize @group authorize @group
if @group.update_attributes(params[:group]) if @group.update_attributes(group_params)
update_avatar(@group, params) update_avatar(@group, params)
flash[:notice] = t('flash.group.saved') flash[:notice] = t('flash.group.saved')
redirect_to group_path(@group) redirect_to group_path(@group)
@ -81,6 +81,10 @@ class Groups::ProfileController < Groups::BaseController
protected protected
def group_params
subject_params(Group)
end
def paginate_projects(page) def paginate_projects(page)
@projects.paginate(page: (page>0 ? page : nil), per_page: 24) @projects.paginate(page: (page>0 ? page : nil), per_page: 24)
end end

View File

@ -206,7 +206,7 @@ class Projects::BuildListsController < Projects::BaseController
protected protected
def build_list_params def build_list_params
permit_params(:build_list, *policy(BuildList).permitted_attributes) subject_params(BuildList)
end end
def advisory_params def advisory_params

View File

@ -32,6 +32,13 @@ class GroupPolicy < ApplicationPolicy
!user.guest? && ( is_admin? || owner? ) !user.guest? && ( is_admin? || owner? )
end end
# Public: Get list of parameters that the user is allowed to alter.
#
# Returns Array
def permitted_attributes
%i(uname description delete_avatar default_branch)
end
class Scope < Scope class Scope < Scope
def show def show
scope scope