42 lines
1.9 KiB
Ruby
42 lines
1.9 KiB
Ruby
module Users
|
|
class OrdersController < Users::ApplicationController
|
|
respond_to :json
|
|
|
|
# /nested resource
|
|
def index
|
|
render json: {}, status: :not_found and return unless params[:list_id].present?
|
|
@list = List.find(params[:list_id])
|
|
render json: {}, status: :not_found and return unless @list.present? && Array.wrap(@list.user_ids).include?(current_user.id)
|
|
orders = @list.orders.include_relation(:product_orders)
|
|
render json: JSONAPI::Serializer.serialize(orders, serializer: Users::OrderSerializer, include: %w[product_orders product_orders.order], is_collection: true)
|
|
end
|
|
|
|
# Used by the user Ember app
|
|
# POST /user/orders
|
|
def create
|
|
# render json: {}, status: :unprocessable_entity and return unless params[:order].present? && params[:order][:product_orders].present?
|
|
if list = current_user.active_list
|
|
render json: {}, status: :not_acceptable and return unless list.supplier.open?
|
|
else
|
|
#TODO: More logic about creating a new list!!!!!, usercontroller table_info should become irrelevant
|
|
#NOTE: security bug here!!!!!!
|
|
# - supplier.open?
|
|
# - etc....
|
|
render json: {}, status: :unprocessable_entity and return unless params[:table_id].present?
|
|
table = Table.find(params[:table_id])
|
|
render json: {}, status: :not_acceptable and return unless table.supplier.open?
|
|
|
|
if table.occupied?
|
|
#render json: json_alert('messages.table_is_occupied', location: :join_occupied_table, location_params: {table_id: @table.id})
|
|
render json: {}, status: :not_acceptable and return
|
|
end
|
|
|
|
list = List.from_table( table, current_user )
|
|
end
|
|
order = list.place_order product_orders: params[:product_orders], user: current_user
|
|
render json: order, serializer: Users::OrderSerializer
|
|
#render nothing: true
|
|
end
|
|
end
|
|
end
|