seth
/
jam-cloud
mirror of https://bitbucket.org/jamkazam/jam-cloud.git
1
0
Fork 0
Code Issues Actions Packages Projects Releases Wiki Activity
jam-cloud/app/controllers/api_bands_controller.rb

153 lines
4.6 KiB
Ruby
Raw Blame History

class ApiBandsController < ApplicationController
before_filter :api_signed_in_user, :only => [:index, :show, :create, :update,
:following_create, :following_destroy]
respond_to :json
def index
@bands = Band.paginate(page: params[:page])
end
def show
@band = Band.find(params[:id])
end
def create
@band = Band.save(params[:id],
params[:name],
params[:website],
params[:biography],
params[:city],
params[:state],
params[:country],
params[:genres])
respond_with @band, responder: ApiResponder, :location => api_band_detail_url(@band)
=begin
# check for errors
if @band.errors.nil? || @band.errors.size == 0
respond_with @band, responder: ApiResponder, :location => api_band_detail_url(@band)
else
raise ActiveRecord::Rollback
response.status = :unprocessable_entity
respond_with @band
end
=end
end
def update
@band = Band.save(params[:id],
params[:name],
params[:website],
params[:biography],
params[:city],
params[:state],
params[:country],
params[:genres])
# check for errors
if @band.errors.nil? || @band.errors.size == 0
respond_with @band, responder: ApiResponder, :status => :ok
else
raise ActiveRecord::Rollback
response.status = :unprocessable_entity
respond_with @band
end
end
###################### FOLLOWERS ########################
def follower_index
# NOTE: follower_index.rabl template references the followers property
@band = Band.find(params[:id])
end
###################### RECORDINGS #######################
def recording_index
hide_private = false
band = Band.find(params[:id])
# hide private Recordings from anyone who's not in the Band
unless band.users.exists? current_user
hide_private = true
end
if hide_private
@recordings = Recording.find(:all,
:joins => :musician_recordings,
:select => "recordings.id, recordings.description, recordings.public",
:conditions => ["bands_recordings.band_id='#{params[:id]}'' AND public=true"])
#.paginate(page: params[:page])
else
@recordings = Recording.find(:all,
:joins => :musician_recordings,
:select => "recordings.id, recordings.description, recordings.public",
:conditions => ["bands_recordings.band_id='#{params[:id]}'"])
end
end
def recording_show
hide_private = false
band = Band.find(params[:id])
# hide private Recordings from anyone who's not in the Band
unless band.users.exists? current_user
hide_private = true
end
@recording = Recording.find(params[:recording_id])
if !@recording.public && hide_private
render :json => { :message => "You are not allowed to access this recording." }, :status => 403
#respond_with "You are not allowed to view this recording.", responder: ApiResponder, :status => 403
else
respond_with @recording, responder: ApiResponder, :status => 200
end
end
def recording_create
@recording = Recording.save(params[:recording_id],
params[:public],
params[:description],
params[:id],
params[:id],
true)
if @recording.errors.nil? || @recording.errors.size == 0
@band = Band.find(params[:id])
respond_with @recording, responder: ApiResponder, :status => 201, :location => api_band_recording_detail_url(@band, @recording)
else
raise ActiveRecord::Rollback
response.status = :unprocessable_entity
respond_with @recording
end
end
def recording_destroy
# TODO: ensure current_user is band member
@recording = Recording.find(params[:recording_id])
@recording.delete
respond_with responder: ApiResponder, :status => 204
end
###################### INVITATIONS ######################
def invitation_index
# verify current_user is member of Band
@band = Band.find_by_id(params[:id])
unless @band.users.exists? current_user
raise PermissionError, ValidationMessages::PERMISSION_VALIDATION_ERROR
end
@invitations = BandInvitation.find_by_band_id(@band.id)
end
def invitation_create
end
end
Reference in New Issue View Git Blame Copy Permalink