bterkuile/mozo-backend
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

supplier client sections working with problematic authentication still active

Browse Source
This commit is contained in:
Benjamin ter Kuile
2020-02-27 15:44:43 -05:00
parent 9e86b18c3e
commit 2149345d3d
33 changed files with 456 additions and 281 deletions
Download Patch File Download Diff File Expand all files Collapse all files
app/controllers/suppliers/application_controller.rb
+9 -2
View File
@@ -15,17 +15,24 @@ module Suppliers
rescue_from CanCan::AccessDenied do |exception|
respond_to do |format|
format.html { redirect_to root_path, alert: 'Action forbidden'}
format.json { render json: {errors: "403 Forbidden"}, status: :forbidden }
format.json { render json: {errors: "403 Forbidden", ok: false}, status: :forbidden }
end
end
# GET
#NOTE: temporary solution for development, if I am in production something is wrong
def employee_and_supplier
employee = current_employee || Employee.find_by_email('bterkuile@gmail.com')
raise CanCan::AccessDenied unless employee.present?
supplier = current_supplier || employee.suppliers.first
employee.enrich_with_settings supplier.settings_for(employee)
FlatKeys.as_nested_structure(Supplier::PRELOAD_INCLUDES).last.each do |relation_name, includes|
relation_result = supplier.public_send(relation_name)
relation_result.include_relations(includes) if relation_result.is_a?(Array)
end
render json: {
employee: JSONAPI::Serializer.serialize(employee, serializer: Suppliers::EmployeeSerializer),
supplier: JSONAPI::Serializer.serialize(supplier, serializer: Suppliers::SupplierSerializer),
supplier: JSONAPI::Serializer.serialize(supplier, serializer: Suppliers::SupplierSerializer, include: Supplier::PRELOAD_INCLUDES),
auth_token: employee.authentication_token,
}
end
app/controllers/suppliers/employee_shifts_controller.rb
+3
View File
@@ -12,18 +12,21 @@ module Suppliers
render json: @employee_shifts
end
def create
@employee_shift = EmployeeShift.new(employee_shift_params)
@employee_shift.supplier = current_supplier
@employee_shift.save
render json: @employee_shift
end
def update
@employee_shift = EmployeeShift.find_by_supplier_id_and_id!(current_supplier.id, params[:id])
@employee_shift.update employee_shift_params
render json: @employee_shift
end
def destroy
head :forbidden and return unless @employee_shift.supplier_id == current_supplier.id
@employee_shift= EmployeeShift.find_by_supplier_id_and_id!(current_supplier.id, params[:id])
@employee_shift.destroy
head :no_content
end
app/controllers/suppliers/product_categories_controller.rb
+1 -1
View File
@@ -43,7 +43,7 @@ module Suppliers
# GET /product_categories/new
# GET /product_categories/new.json
def new
@product_category = ProductCategory.new
@product_category = ProductCategory.new supplier: current_supplier
respond_to do |format|
format.html # new.html.erb
app/controllers/suppliers/product_variants_controller.rb
+1
View File
@@ -53,6 +53,7 @@ module Suppliers
def destroy
#@product_variant = ProductVariant.find_by_supplier_id_and_id!(current_supplier.id, params[:id])
@product_variant = ProductVariant.find(params[:id])
head :forbidden and return unless @product_variant.supplier_id == current_supplier.id
@product_variant.destroy
head :no_content
end
app/controllers/suppliers/products_controller.rb
+3 -3
View File
@@ -29,7 +29,7 @@ module Suppliers
# GET /products/new
# GET /products/new.json
def new
@product = Product.new
@product = Product.new supplier: current_supplier
@product.add_product_category ProductCategory.find_by_supplier_id_and_id!(current_supplier.id, params[:product_category_id]) if params[:product_category_id].present?
respond_to do |format|
@@ -46,7 +46,7 @@ module Suppliers
# POST /products
# POST /products.json
def create
#@product = Product.new(product_params)
@product = Product.new(product_params)
@product.supplier = current_supplier
respond_to do |format|
@@ -79,7 +79,7 @@ module Suppliers
# DELETE /products/1
# DELETE /products/1.json
def destroy
#@product = Product.find_by_supplier_id_and_id!(current_supplier.id, params[:id])
@product = Product.find_by_supplier_id_and_id!(current_supplier.id, params[:id])
@product.destroy
head :no_content
end
app/controllers/suppliers/section_areas_controller.rb
+3
View File
@@ -6,6 +6,7 @@ module Suppliers
end
def create
@section_area = SectionArea.new(section_area_params)
@section_area.supplier = current_supplier
if @section_area.save
render json: @section_area
@@ -15,6 +16,7 @@ module Suppliers
end
def update
@section_area = SectionArea.find_by_supplier_id_and_id!(current_supplier.id, params[:id])
if @section_area.update_attributes section_area_params
render json: @section_area
else
@@ -23,6 +25,7 @@ module Suppliers
end
def destroy
@section_area= SectionArea.find_by_supplier_id_and_id!(current_supplier.id, params[:id])
@section_area.destroy
head :no_content
end
app/controllers/suppliers/section_elements_controller.rb
+3
View File
@@ -6,6 +6,7 @@ module Suppliers
end
def create
@section_element = SectionElement.new(section_element_params)
@section_element.supplier = current_supplier
if @section_element.save
render json: @section_element
@@ -15,6 +16,7 @@ module Suppliers
end
def update
@section_element = SectionElement.find_by_supplier_id_and_id!(current_supplier.id, params[:id])
if @section_element.update_attributes section_element_params
render json: @section_element
else
@@ -23,6 +25,7 @@ module Suppliers
end
def destroy
@section_element= SectionElement.find_by_supplier_id_and_id!(current_supplier.id, params[:id])
@section_element.destroy
head :no_content
end
app/controllers/suppliers/sections_controller.rb
+1 -2
View File
@@ -31,8 +31,7 @@ module Suppliers
# GET /sections/new
# GET /sections/new.json
def new
@section = Section.new
@section.supplier = current_supplier
@section = Section.new supplier: current_supplier
render json: @section
end
app/controllers/suppliers/suppliers_controller.rb
+6 -10
View File
@@ -6,7 +6,11 @@ module Suppliers
end
def show
current_supplier.sections.include_relations(:tables, :section_areas, :section_elements, product_categories: {products: :product_variants})
#current_supplier.sections.include_relations(:tables, :section_areas, :section_elements, product_categories: {products: :product_variants})
FlatKeys.as_nested_structure(Supplier::PRELOAD_INCLUDES).last.each do |relation_name, includes|
relation_result = current_supplier.public_send(relation_name)
relation_result.include_relations(includes) if relation_result.is_a?(Array)
end
#render json: JSONAPI::Serializer.serialize(current_supplier, serializer: Suppliers::SupplierSerializer, include: %w[
#sections
#sections.tables
@@ -16,15 +20,7 @@ module Suppliers
#product_categories.products
#product_categories.products.product_variants
#]) #.new(current_supplier).as_json
render json: current_supplier, include: %w[
sections
sections.tables
sections.section_areas
sections.section_elements
product_categories
product_categories.products
product_categories.products.product_variants
]
render json: current_supplier, include: Supplier::PRELOAD_INCLUDES
end
def update
app/controllers/suppliers/tables_controller.rb
+3 -3
View File
@@ -12,7 +12,7 @@ module Suppliers
# GET /tables/1
# GET /tables/1.json
def show
@table= Table.find_by_supplier_id_and_id!(current_supplier.id, params[:id])
@table = Table.find_by_supplier_id_and_id!(current_supplier.id, params[:id])
render json: @table
end
@@ -20,7 +20,7 @@ module Suppliers
# GET /tables/new
# GET /tables/new.json
def new
@table = Table.new
@table = Table.new supplier: current_supplier
@table.section_id = params[:section_id].presence
render json: @table
@@ -47,7 +47,7 @@ module Suppliers
# PUT /supplier/tables/1
# PUT /supplier/tables/1.json
def update
@table= Table.find_by_supplier_id_and_id!(current_supplier.id, params[:id])
@table = Table.find_by_supplier_id_and_id!(current_supplier.id, params[:id])
if @table.update_attributes(table_params)
render json: @table