diff options
Diffstat (limited to 'app/controllers/resources_controller.rb')
| -rw-r--r-- | app/controllers/resources_controller.rb | 12 |
1 files changed, 7 insertions, 5 deletions
diff --git a/app/controllers/resources_controller.rb b/app/controllers/resources_controller.rb index 52d89ea..2fa392f 100644 --- a/app/controllers/resources_controller.rb +++ b/app/controllers/resources_controller.rb @@ -18,13 +18,15 @@ class ResourcesController < ApplicationController def create # TODO Background job to list similar items # TODO If there's a match, return to user with new record or list of mergeable ones - return 403 unless (current_user_editor? || current_user_observer?) classification = resource_params.delete(:classification) || { section_ids: [] } + Rails.logger.info resource_params + @resource = current_agent.resources.build(resource_params) respond_to do |format| + Rails.logger.info "format: #{format} - Res: #{@resource.inspect}" if @resource.save classification[:section_ids].each { |id| @resource.classifications.find_or_create_by(section_id: id) } format.html { redirect_to @resource, notice: 'Merci de votre contribution !' } @@ -43,8 +45,7 @@ class ResourcesController < ApplicationController # GET /resources/:id/edit def edit # TODO Add a moderation queue for unauthorized but valid changes - flash.now[:notice] = 'Please ask an editor or a maintainer to edit this resource!' unless (current_user_editor? || current_user_maintainer?) - + flash.now[:notice] = 'Please ask an editor or a maintainer to edit this resource!' unless @resource.agent == current_agent Rails.logger.info "EDIT: #{@resource.uuid} #{@resource.name} // #{current_agent.id}" end @@ -56,7 +57,8 @@ class ResourcesController < ApplicationController # 2. Validate each change # 3. Moderate queue or save - return 403 unless (current_user_editor? || current_user_maintainer?) + # TODO: pass this to current_agent and version resource + return 403 unless current_agent == @resource.agent respond_to do |format| if @resource.update(resource_params) @@ -78,7 +80,7 @@ class ResourcesController < ApplicationController def destroy # Check list # 1. User belongs to Agent and is :maintainer? - if !current_user_maintainer? + if @resource.agent != current_agent msg = 'You must be a maintainer to delete resources!' respond_to do |format| format.html { redirect_to :show, notice: msg } |