cirandas.net

ref: master

vendor/plugins/kandadaboggu-vote_fu/examples/voteables_controller.rb

  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117

# This example controller assumes you are using the User class from restful_authentication
# and a nested voteable resource. See routes.rb


class VoteablesController < ApplicationController

  before_filter :find_user
  before_filter :login_required, :only => [:new, :edit, :destroy, :create, :update]
  before_filter :must_own_voteable, :only => [:edit, :destroy, :update]

  # GET /users/:id/voteables
  # GET /users/:id/voteables.xml
  def index
    @voteable = Voteable.descending

    respond_to do |format|
      format.html # index.html.erb
      format.xml  { render :xml => @voteables }
    end
  end

  # GET /users/:id/voteables/1
  # GET /users/:id/voteables/1.xml
  def show
    @voteable = Voteable.find(params[:id])

    respond_to do |format|
      format.html # show.html.erb
      format.xml  { render :xml => @voteable }
    end
  end

  # GET /users/:id/voteables/new
  # GET /users/:id/voteables/new.xml
  def new
    @voteable = Voteable.new

    respond_to do |format|
      format.html # new.html.erb
      format.xml  { render :xml => @voteable }
    end
  end

  # GET /users/:id/voteables/1/edit
  def edit
    @voteable ||= Voteable.find(params[:id])
  end

  # POST /users/:id/voteables
  # POST /users/:id/voteables.xml
  def create
    @voteable = Voteable.new(params[:voteable])
    @voteable.user = current_user

    respond_to do |format|
      if @voteable.save
        flash[:notice] = 'Voteable was successfully saved.'
        format.html { redirect_to([@user, @voteable]) }
        format.xml  { render :xml => @voteable, :status => :created, :location => @voteable }
      else
        format.html { render :action => "new" }
        format.xml  { render :xml => @voteable.errors, :status => :unprocessable_entity }
      end
    end
  end

  # PUT /users/:id/voteable/1
  # PUT /users/:id/voteable/1.xml
  def update
    @voteable = Voteable.find(params[:id])

    respond_to do |format|
      if @quote.update(params[:voteable])
        flash[:notice] = 'Voteable was successfully updated.'
        format.html { redirect_to([@user, @voteable]) }
        format.xml  { head :ok }
      else
        format.html { render :action => "edit" }
        format.xml  { render :xml => @voteable.errors, :status => :unprocessable_entity }
      end
    end
  end

  # DELETE /users/:id/voteable/1
  # DELETE /users/:id/voteable/1.xml
  def destroy
    @voteable = Voteable.find(params[:id])
    @voteable.destroy

    respond_to do |format|
      format.html { redirect_to(user_voteables_url) }
      format.xml  { head :ok }
    end
  end

  private
  def find_user
    @user = User.find(params[:user_id])
  end

  def must_own_voteable
    @voteable ||= Voteable.find(params[:id])
    @voteable.user == current_user || ownership_violation
  end

  def ownership_violation
    respond_to do |format|
      flash[:notice] = 'You cannot edit or delete voteable that you do not own!'
      format.html do
        redirect_to user_path(current_user)
      end
    end
  end



end