77 lines
2.4 KiB
Ruby
77 lines
2.4 KiB
Ruby
module Suppliers
|
|
class EmployeesController < Suppliers::ApplicationController
|
|
after_authentication only: [:show, :update, :destroy] do
|
|
@employee = current_supplier.get_employee params[:id]
|
|
render json: {}, status: 404 unless @employee.present?
|
|
end
|
|
# GET /employees
|
|
# GET /employees.json
|
|
def index
|
|
@employees = current_supplier.employees
|
|
render json: JSONAPI::Serializer.serialize(@employees, serializer: Suppliers::EmployeeSerializer, is_collection: true)
|
|
end
|
|
|
|
# GET /employees/1
|
|
# GET /employees/1.json
|
|
def show
|
|
render json: JSONAPI::Serializer.serialize(@employee, serializer: Suppliers::EmployeeSerializer)
|
|
end
|
|
|
|
# POST /employees
|
|
# POST /employees.json
|
|
def create
|
|
valid = false
|
|
if existing_employee = Employee.find_by_email(employee_params[:email])
|
|
@employee = existing_employee
|
|
if valid = @employee.valid?
|
|
current_supplier.add_employee @employee
|
|
@employee.update_attributes employee_params
|
|
end
|
|
else
|
|
@employee = Employee.new(employee_params)
|
|
@employee.password = SecureRandom.hex(8)
|
|
if valid = @employee.save
|
|
current_supplier.add_employee @employee
|
|
@employee.update_attributes employee_params # needed for supplier specific settings
|
|
end
|
|
end
|
|
|
|
if valid
|
|
render json: @employee, serializer: Suppliers::EmployeeSerializer, status: :created
|
|
else
|
|
render json: {errors: @employee.errors}, status: :unprocessable_entity
|
|
end
|
|
end
|
|
|
|
# PUT /employees/1
|
|
# PUT /employees/1.json
|
|
def update
|
|
#current_supplier.settings_for(@employee).update!(employee_params)
|
|
respond_to do |format|
|
|
if @employee.update_attributes(employee_params)
|
|
format.json { head :no_content }
|
|
else
|
|
format.json { render json: {errors: @employee.errors}, status: :unprocessable_entity }
|
|
end
|
|
end
|
|
end
|
|
|
|
# DELETE /employees/1
|
|
# DELETE /employees/1.json
|
|
def destroy
|
|
head :forbidden and return if @employee == current_employee # do not remove self at the moment
|
|
current_supplier.remove_employee @employee
|
|
|
|
respond_to do |format|
|
|
format.json { head :no_content }
|
|
end
|
|
end
|
|
|
|
private
|
|
|
|
def employee_params
|
|
params.require(:employee).permit(:name, :email, :active, :manager, :color)
|
|
end
|
|
end
|
|
end
|