path: root/app/controllers/categories_controller.rb
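# CRUD controller for Category records, answering in HTML and JSON.
#
# Access control as implemented here: index and show run no admin check in
# this controller; every action that renders a form or writes a record
# (new, create, edit, update, destroy) passes through require_admin first.
# NOTE(review): whether index/show require a signed-in user at all depends on
# ApplicationController, which is not visible here; confirm.
class CategoriesController < ApplicationController
  # Callbacks run in declaration order. The admin check is declared first so a
  # non-admin request is turned away before any record lookup happens.
  # `edit` is gated together with `update`: the edit form is admin-only UI just
  # like the `new` form, and should not be rendered to other users.
  before_action :require_admin, only: %i[ new create edit update destroy ]
  before_action :set_category, only: %i[ show edit update destroy ]

  # GET /categories or /categories.json
  # Loads every category for the listing view.
  def index
    @categories = Category.all
  end

  # GET /categories/1 or /categories/1.json
  # @category is loaded by set_category; the view does the rest.
  def show
  end

  # GET /categories/new
  # Builds an unsaved category for the form.
  def new
    @category = Category.new
  end

  # GET /categories/1/edit
  # @category is loaded by set_category; the view renders the form.
  def edit
  end

  # POST /categories or /categories.json
  # Creates a category from the filtered parameters. On validation failure the
  # form (HTML) or the error list (JSON) is returned with status 422.
  def create
    @category = Category.new(category_params)

    respond_to do |format|
      if @category.save
        format.html { redirect_to @category, notice: "Category was successfully created." }
        format.json { render :show, status: :created, location: @category }
      else
        format.html { render :new, status: :unprocessable_entity }
        format.json { render json: @category.errors, status: :unprocessable_entity }
      end
    end
  end

  # PATCH/PUT /categories/1 or /categories/1.json
  # Updates the loaded category from the filtered parameters. On validation
  # failure the form (HTML) or the error list (JSON) is returned with status 422.
  def update
    respond_to do |format|
      if @category.update(category_params)
        format.html { redirect_to @category, notice: "Category was successfully updated." }
        format.json { render :show, status: :ok, location: @category }
      else
        format.html { render :edit, status: :unprocessable_entity }
        format.json { render json: @category.errors, status: :unprocessable_entity }
      end
    end
  end

  # DELETE /categories/1 or /categories/1.json
  # Deletes the loaded category. destroy! raises if the record cannot be
  # destroyed, so a failed delete never reaches the success response below.
  def destroy
    @category.destroy!

    respond_to do |format|
      format.html { redirect_to categories_path, status: :see_other, notice: "Category was successfully destroyed." }
      format.json { head :no_content }
    end
  end

  private
    # Use callbacks to share common setup or constraints between actions.
    # Loads the category named by the :id parameter into @category.
    def set_category
      @category = Category.find(params.expect(:id))
    end

    # Only allow a list of trusted parameters through.
    # Mass assignment is limited to the three attributes listed here.
    # NOTE(review): the colour fields presumably end up in rendered markup or
    # CSS; their format should be validated in the Category model, which is
    # not visible here. Confirm.
    def category_params
      params.expect(category: [ :name, :colour, :badge_foreground_colour ])
    end

    # Before-action guard: lets the request continue only for an admin user.
    # Performing the redirect halts the callback chain, so the action itself
    # never runs for anyone else.
    #
    # `Current.session&.` makes the check fail closed (redirect) when there is
    # no session at all, instead of raising NoMethodError on nil.
    # NOTE(review): JSON requests receive this redirect too, not a 403 status.
    def require_admin
      return if Current.session&.user&.is_admin

      redirect_to root_path, notice: "You must be an admin to perform this action."
    end
end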