metamaps--metamaps/app/controllers/api/restful_controller.rb

class API::RestfulController < ActionController::Base
  include Pundit
  include PunditExtra

  snorlax_used_rest!

  load_and_authorize_resource only: [:show, :update, :destroy]

  def create
    instantiate_resource
    resource.user = current_user
    authorize resource
    create_action
    respond_with_resource
  end

  private

  def resource_serializer
    "new_#{resource_name}_serializer".camelize.constantize
  end

  def accessible_records
    if current_user
      visible_records
    else
      public_records
    end
  end

  def current_user
    super || token_user || doorkeeper_user || nil
  end

  def token_user
    token = params[:access_token]
    access_token = Token.find_by_token(token)
    @token_user ||= access_token.user if access_token
  end

  def doorkeeper_user
    return unless doorkeeper_token.present?
    doorkeeper_render_error unless valid_doorkeeper_token?
    @doorkeeper_user ||= User.find(doorkeeper_token.resource_owner_id)
  end

  def permitted_params
    @permitted_params ||= PermittedParams.new(params)
  end
end
first pass at important API endpoints, token auth 2016-03-11 17:16:04 +11:00			`class API::RestfulController < ActionController::Base`
changes for api 2016-03-12 09:37:18 +11:00			`include Pundit`
			`include PunditExtra`

first pass at important API endpoints, token auth 2016-03-11 17:16:04 +11:00			`snorlax_used_rest!`

fix tokens 2016-03-12 12:26:23 +11:00			`load_and_authorize_resource only: [:show, :update, :destroy]`
changes for api 2016-03-12 09:37:18 +11:00
clean up duplicate code 2016-03-11 17:26:54 +11:00			`def create`
instantiate_resource 2016-03-25 10:26:32 +08:00			`instantiate_resource`
clean up duplicate code 2016-03-11 17:26:54 +11:00			`resource.user = current_user`
this may make it work 2016-03-24 23:33:26 -07:00			`authorize resource`
clean up duplicate code 2016-03-11 17:26:54 +11:00			`create_action`
			`respond_with_resource`
			`end`

first pass at important API endpoints, token auth 2016-03-11 17:16:04 +11:00			`private`

api: adjust serializers 2016-03-12 10:05:42 +11:00			`def resource_serializer`
			`"new_#{resource_name}_serializer".camelize.constantize`
			`end`

changes for api 2016-03-12 09:37:18 +11:00			`def accessible_records`
			`if current_user`
			`visible_records`
			`else`
			`public_records`
			`end`
			`end`

first pass at important API endpoints, token auth 2016-03-11 17:16:04 +11:00			`def current_user`
styling for doorkeeper and api functional 2016-03-24 17:16:27 -07:00			`super \|\| token_user \|\| doorkeeper_user \|\| nil`
first pass at important API endpoints, token auth 2016-03-11 17:16:04 +11:00			`end`

			`def token_user`
styling for doorkeeper and api functional 2016-03-24 17:16:27 -07:00			`token = params[:access_token]`
			`access_token = Token.find_by_token(token)`
Update code style automatically using rubocop gem (#563) * install rubocop * 1961 automatic rubocop fixes * update rubocop.yml to ignore half of the remaining cops * rubocop lint warnings * random other warnings fixed 2016-07-26 08:14:23 +08:00			`@token_user \|\|= access_token.user if access_token`
first pass at important API endpoints, token auth 2016-03-11 17:16:04 +11:00			`end`

styling for doorkeeper and api functional 2016-03-24 17:16:27 -07:00			`def doorkeeper_user`
			`return unless doorkeeper_token.present?`
			`doorkeeper_render_error unless valid_doorkeeper_token?`
			`@doorkeeper_user \|\|= User.find(doorkeeper_token.resource_owner_id)`
			`end`

first pass at important API endpoints, token auth 2016-03-11 17:16:04 +11:00			`def permitted_params`
			`@permitted_params \|\|= PermittedParams.new(params)`
			`end`
			`end`