1
0
mirror of https://github.com/LaCasemate/fab-manager.git synced 2025-01-06 21:46:17 +01:00
fab-manager/app/controllers/api/admins_controller.rb

45 lines
1.0 KiB
Ruby
Raw Normal View History

2019-01-08 09:56:07 +01:00
# frozen_string_literal: true
# API Controller for resources of type User with role 'admin'.
2023-02-24 17:26:55 +01:00
class API::AdminsController < API::APIController
2016-03-23 18:39:41 +01:00
before_action :authenticate_user!
def index
authorize :admin
2016-06-24 18:43:22 +02:00
@admins = User.includes(profile: [:user_avatar]).admins
2016-03-23 18:39:41 +01:00
end
def create
authorize :admin
res = UserService.create_admin(admin_params)
2016-03-23 18:39:41 +01:00
if res[:saved]
@admin = res[:user]
2016-03-23 18:39:41 +01:00
render :create, status: :created
else
render json: res[:user].errors.full_messages, status: :unprocessable_entity
2016-03-23 18:39:41 +01:00
end
end
def destroy
@admin = User.admins.find(params[:id])
2019-01-16 13:07:19 +01:00
if current_user.admin? && @admin != current_user
2016-03-23 18:39:41 +01:00
@admin.destroy
head :no_content
else
head :unauthorized
end
end
private
2018-12-27 14:55:55 +01:00
def admin_params
params.require(:admin).permit(
:username, :email, :group_id,
profile_attributes: %i[first_name last_name phone],
invoicing_profile_attributes: [address_attributes: [:address]],
statistic_profile_attributes: %i[gender birthday]
)
2018-12-27 14:55:55 +01:00
end
2016-03-23 18:39:41 +01:00
end