Poltergeist in the green, and resourceful refactor

app/controllers/suppliers/application_controller.rb

@@ -5,7 +5,6 @@ module Suppliers
     attr_reader :current_supplier
     helper_method :current_supplier
     layout 'supplier/app'
-    class_attribute :after_authentication_hooks
 
     rescue_from 'RestClient::Conflict' do |e|
       #binding.pry
@@ -17,22 +16,14 @@ module Suppliers
       end
     end
 
-    def self.after_authentication(options, &blk)
-      self.after_authentication_hooks ||= []
-      after_authentication_hooks << {options: options, block: blk}
-    end
-
     def setup_employee_and_supplier!
       authenticate_employee!
       find_current_supplier!
       return unless current_supplier.present?
       current_employee.enrich_with_settings current_supplier.settings_for(current_employee)
       raise CanCan::AccessDenied unless current_employee.active?
-      @current_ability = ::Ability.new( current_employee )
-      Array.wrap(after_authentication_hooks).each do |hook|
-        next if hook[:options][:only].present? && !Array.wrap(hook[:options][:only]).include?(action_name.to_sym)
-        instance_eval &hook[:block]
-      end
+      @current_ability = Suppliers::Ability.new( current_employee )
+      run_after_authentication_hooks!
     end
 
 

app/controllers/suppliers/products_controller.rb

@@ -1,6 +1,9 @@
 module Suppliers
   class ProductsController < Suppliers::ApplicationController
     layout 'tablet'
+    after_authentication only: [:show, :edit, :update, :destroy] do
+      @product = Product.find_by_supplier_id_and_id!(current_supplier.id, params[:id])
+    end
 
     # GET /products
     # GET /products.json
@@ -16,7 +19,6 @@ module Suppliers
     # GET /products/1
     # GET /products/1.json
     def show
-      @product = Product.find_by_supplier_id_and_id!(current_supplier.id, params[:id])
 
       respond_to do |format|
         format.html # show.html.erb
@@ -38,13 +40,13 @@ module Suppliers
 
     # GET /products/1/edit
     def edit
-      @product = Product.find(params[:id])
+      #@product = Product.find(params[:id])
     end
 
     # POST /products
     # POST /products.json
     def create
-      @product = Product.new(product_params)
+      #@product = Product.new(product_params)
       @product.supplier = current_supplier
 
       respond_to do |format|
@@ -61,7 +63,7 @@ module Suppliers
     # PUT /products/1
     # PUT /products/1.json
     def update
-      @product = Product.find_by_supplier_id_and_id!(current_supplier.id, params[:id])
+      #@product = Product.find_by_supplier_id_and_id!(current_supplier.id, params[:id])
 
       respond_to do |format|
         if @product.update_attributes(product_params)
@@ -77,12 +79,12 @@ module Suppliers
     # DELETE /products/1
     # DELETE /products/1.json
     def destroy
-      @product = Product.find_by_supplier_id_and_id!(current_supplier.id, params[:id])
+      #@product = Product.find_by_supplier_id_and_id!(current_supplier.id, params[:id])
       @product.destroy
 
       respond_to do |format|
         format.html { redirect_to suppliers_products_url, notice: t('action.destroy.successfull', model: Product.model_name.human) }
-        format.json { head :no_content }
+        format.json { head :ok }
       end
     end
 

app/controllers/suppliers/suppliers_controller.rb

@@ -0,0 +1,67 @@
+module Suppliers
+  class SuppliersController < Suppliers::ApplicationController
+    def index
+
+    end
+
+    def show
+      [current_supplier].include_relations(sections: :tables, product_categories: :products)
+      render json: Suppliers::SupplierSerializer.new(current_supplier).as_json
+    end
+
+    def update
+      @supplier = current_supplier
+      current_supplier.update_attributes(supplier_params)
+      render json: Suppliers::SupplierSerializer.new(current_supplier).as_json
+    end
+
+    def switch_to
+      @switch_supplier = Supplier.find(params[:id])
+      session[:supplier_id] = params[:id] if @switch_supplier.employee_ids.include? current_employee.id
+      redirect_to supplier_root_path(anchor: '/settings')
+    end
+
+    def mark_as_open
+      current_supplier.mark_as_open!
+      head :ok
+    end
+
+    def mark_as_closed
+      current_supplier.mark_as_closed!
+      head :ok
+    end
+    def remove_needs_payment
+      @list = List.find_by_supplier_id_and_id(current_supplier.id, params[:id])
+      @list.remove_needs_payment!
+      head :ok
+    end
+
+
+    private
+
+    def supplier_params
+      params.require(:supplier).permit(
+        :name,
+        :email,
+        :open,
+        :time_zone,
+        :night_offset,
+        :location,
+        :lat,
+        :lng,
+        :offer_wifi,
+        :wifi_ssid,
+        :wifi_type,
+        :wifi_password,
+        :iens_profile,
+        :address,
+        :house_number,
+        :house_number_addition,
+        :postal_code,
+        :city,
+        :country,
+        :facebook_promotion_url
+      )
+    end
+  end
+end