# This example controller assumes you are using the User class from restful_authentication
# and a nested voteable resource. See routes.rb
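# RESTful controller for voteables nested under a user
# (/users/:user_id/voteables).
#
# Filters, in order:
#   find_user          - every action; loads @user from params[:user_id]
#   login_required     - new/edit/destroy/create/update
#   must_own_voteable  - edit/destroy/update; the record's user must be
#                        current_user
#
# NOTE(review): the listing this was recovered from had lost its
# `def` / `end` / `if` / `else` lines. Action names follow the filter lists and
# the REST comments; `@voteable.save`, `@voteable.destroy`, the `private`
# marker and the `format.html` wrapper in ownership_violation are
# reconstructions -- confirm against the original file.
class VoteablesController < ApplicationController
  before_filter :find_user
  before_filter :login_required, :only => [:new, :edit, :destroy, :create, :update]
  before_filter :must_own_voteable, :only => [:edit, :destroy, :update]

  # GET /users/:user_id/voteables
  # GET /users/:user_id/voteables.xml
  def index
    # The XML branch renders @voteables, which the original never assigned
    # (it set @voteable only), so the XML response had no collection behind it.
    @voteables = Voteable.descending
    # Kept for the HTML template, which is not visible here and may still read
    # the singular name -- TODO confirm and drop.
    @voteable = @voteables

    respond_to do |format|
      format.html # index.html.erb
      format.xml  { render :xml => @voteables }
    end
  end

  # GET /users/:user_id/voteables/1
  # GET /users/:user_id/voteables/1.xml
  def show
    # NOTE(review): the lookup is by id alone and is not scoped to @user, so
    # any voteable can be shown under any user's URL. Fine if voteables are
    # public; scope the query if they are not.
    @voteable = Voteable.find(params[:id])

    respond_to do |format|
      format.html # show.html.erb
      format.xml  { render :xml => @voteable }
    end
  end

  # GET /users/:user_id/voteables/new
  # GET /users/:user_id/voteables/new.xml
  def new
    @voteable = Voteable.new

    respond_to do |format|
      format.html # new.html.erb
      format.xml  { render :xml => @voteable }
    end
  end

  # GET /users/:user_id/voteables/1/edit
  def edit
    # must_own_voteable has normally loaded the record already.
    @voteable ||= Voteable.find(params[:id])
  end

  # POST /users/:user_id/voteables
  # POST /users/:user_id/voteables.xml
  def create
    # params[:voteable] is client-controlled and mass-assigned. The owner is
    # set afterwards, so a submitted owner cannot survive; any other sensitive
    # column relies on the model's attr_accessible / attr_protected
    # (model not visible here -- verify).
    @voteable = Voteable.new(params[:voteable])
    @voteable.user = current_user

    respond_to do |format|
      if @voteable.save
        flash[:notice] = 'Voteable was successfully saved.'
        format.html { redirect_to([@user, @voteable]) }
        format.xml  { render :xml => @voteable, :status => :created, :location => @voteable }
      else
        format.html { render :action => "new" }
        format.xml  { render :xml => @voteable.errors, :status => :unprocessable_entity }
      end
    end
  end

  # PUT /users/:user_id/voteables/1
  # PUT /users/:user_id/voteables/1.xml
  def update
    @voteable = Voteable.find(params[:id])

    respond_to do |format|
      # The original called update_attributes on @quote, which is never
      # assigned in this controller (nil), so every update raised.
      #
      # Attributes are assigned first and the owner re-pinned before saving:
      # must_own_voteable only checks ownership *before* the action, so without
      # the pin a request carrying an owner attribute could hand the record to
      # another user unless the model protects that column. For a legitimate
      # request the pin is a no-op (the filter already required
      # user == current_user).
      @voteable.attributes = params[:voteable]
      @voteable.user = current_user

      if @voteable.save
        flash[:notice] = 'Voteable was successfully updated.'
        format.html { redirect_to([@user, @voteable]) }
        format.xml  { head :ok }
      else
        format.html { render :action => "edit" }
        format.xml  { render :xml => @voteable.errors, :status => :unprocessable_entity }
      end
    end
  end

  # DELETE /users/:user_id/voteables/1
  # DELETE /users/:user_id/voteables/1.xml
  def destroy
    @voteable = Voteable.find(params[:id])
    @voteable.destroy

    respond_to do |format|
      format.html { redirect_to(user_voteables_url) }
      format.xml  { head :ok }
    end
  end

  # Filter helpers are private so they cannot be routed to as actions.
  private

  # Loads the user named in the nested route.
  # User.find raises ActiveRecord::RecordNotFound for an unknown id.
  def find_user
    @user = User.find(params[:user_id])
  end

  # Ownership gate for edit/update/destroy. Runs after login_required, so
  # current_user is expected to be set. When the record belongs to someone
  # else, ownership_violation sends a response, which is what stops the action
  # from running (Rails halts the filter chain once a filter has rendered or
  # redirected -- confirm for the Rails version in use).
  def must_own_voteable
    @voteable ||= Voteable.find(params[:id])
    @voteable.user == current_user || ownership_violation
  end

  # Rejects the request with a flash message and a redirect to the current
  # user's own page.
  def ownership_violation
    respond_to do |format|
      flash[:notice] = 'You cannot edit or delete voteable that you do not own!'
      format.html { redirect_to user_path(current_user) }
    end
  end
end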