seth
/
jam-cloud
mirror of https://bitbucket.org/jamkazam/jam-cloud.git
1
0
Fork 0
Code Issues Actions Packages Projects Releases Wiki Activity
jam-cloud/app/controllers/api_users_controller.rb

205 lines
6.7 KiB
Ruby
Raw Blame History

class ApiUsersController < ApiController
before_filter :api_signed_in_user, only: [:index, :show, :update, :delete,
:friend_request_index, :friend_request_show,
:friend_request_create, :friend_request_update,
:friend_index, :friend_destroy]
respond_to :json
def index
# don't return users that aren't yet confirmed
@users = User.where('email_confirmed=TRUE').paginate(page: params[:page])
respond_with @users, responder: ApiResponder, :status => :ok
end
def show
# don't return users that aren't yet confirmed
@user = User.where('email_confirmed=TRUE').find(params[:id])
respond_with @user, responder: ApiResponder, :status => :ok
end
# this API call is disabled by virtue of it being commented out in routes.rb
# the reason is that it has no captcha, and is therefore a bit abuseable
# if someone wants to use it, please add in captcha or some other bot-protector
def create
# sends email to email account for confirmation
@user = UserManager.new.signup(params[:first_name],
params[:last_name],
params[:email],
params[:password],
params[:password_confirmation],
params[:city],
params[:state],
params[:country],
params[:instruments],
ApplicationHelper.base_uri(request) + "/confirm")
# check for errors
unless @user.errors.any?
render :json => {}, :status => :ok # an empty response, but 200 OK
else
response.status = :unprocessable_entity
respond_with @user, responder: ApiResponder
end
end
def signup_confirm
@user = UserManager.new.signup_confirm(params[:signup_token])
unless @user.errors.any?
respond_with @user, responder: ApiResponder, :location => api_user_detail_url(@user)
else
response.status = :unprocessable_entity
respond_with @user, responder: ApiResponder
end
end
def update
@user = User.save(params)
# check for errors
if @user.errors.nil? || @user.errors.size == 0
respond_with @user, responder: ApiResponder, :status => :ok
else
raise ActiveRecord::Rollback
response.status = :unprocessable_entity
respond_with @user
end
# FRIENDS
end
def delete
@user = User.find(params[:id])
@user.destroy # required to make 'tire' integration work
respond_with @user, responder: ApiResponder
end
###################### FOLLOWERS ########################
def follower_index
# NOTE: follower_index.rabl template references the followers property
@user = User.find(params[:id])
end
###################### FOLLOWINGS #######################
def following_index
@user = User.find(params[:id])
# TODO: get band followings and merge (@user.band_followings)
end
def following_create
if !params[:user_id].nil?
@follower = UserFollower.new()
@follower.user_id = params[:user_id]
@follower.follower_id = params[:id]
elsif !params[:band_id].nil?
@follower = BandFollower.new()
@follower.band_id = params[:band_id]
@follower.follower_id = params[:id]
end
@follower.save
@user = User.find(params[:id])
respond_with @user, responder: ApiResponder, :location => api_following_index_url(@user)
end
def following_destroy
JamRuby::UserFollower.delete_all "(user_id = '#{params[:user_id]}' AND follower_id = '#{params[:id]}')"
#JamRuby::BandFollower.delete_all "(band_id = '#{params[:band_id]}' AND follower_id = '#{params[:id]}')"
respond_with responder: ApiResponder
end
###################### FAVORITES ########################
def favorite_index
@user = User.find(params[:id])
# TODO: get band followings and merge (@user.band_followings)
end
def favorite_create
@follower = UserFavorite.new()
@follower.user_id = params[:user_id]
@follower.follower_id = params[:id]
@follower.save
@user = User.find(params[:id])
respond_with @user, responder: ApiResponder, :location => api_favorite_index_url(@user)
end
def favorite_destroy
JamRuby::UserFavorite.delete_all "(user_id = '#{params[:id]}' AND recording_id = '#{params[:recording_id]}')"
respond_with responder: ApiResponder
end
###################### FRIENDS ##########################
def friend_request_index
# get all outgoing and incoming friend requests
@friend_requests = FriendRequest.where("(friend_id='#{params[:id]}' OR user_id='#{params[:id]}') AND accepted is null")
end
def friend_request_show
@friend_request = FriendRequest.find(params[:id])
end
def friend_request_create
@friend_request = FriendRequest.new()
@friend_request.user_id = params[:user_id]
@friend_request.friend_id = params[:friend_id]
@friend_request.save
respond_with @friend_request, responder: ApiResponder, :location => api_friend_request_detail_url(@friend_request)
end
def friend_request_update
ActiveRecord::Base.transaction do
@friend_request = FriendRequest.find(params[:id])
@friend_request.accepted = params[:accepted]
@friend_request.save
# create both records for this friendship
if @friend_request.accepted?
@friendship = Friendship.new()
@friendship.user_id = @friend_request.user_id
@friendship.friend_id = @friend_request.friend_id
@friendship.save
@friendship = Friendship.new()
@friendship.user_id = @friend_request.friend_id
@friendship.friend_id = @friend_request.user_id
@friendship.save
end
end
respond_with @friend_request, responder: ApiResponder
end
def friend_index
# NOTE: friend_index.rabl template references the friends property
@user = User.find(params[:id])
end
def friend_destroy
# clean up both records representing this "friendship"
JamRuby::Friendship.delete_all "(user_id = '#{params[:id]}' AND friend_id = '#{params[:friend_id]}') OR (user_id = '#{params[:friend_id]}' AND friend_id = '#{params[:id]}')"
respond_with responder: ApiResponder
end
###################### AUTHORIZATION ####################
def auth_session_create
@user = User.authenticate(params[:email], params[:password])
if @user.nil?
render :json => { :success => false }, :status => 404
else
sign_in @user
render :json => { :success => true }, :status => 200
end
end
def auth_session_delete
sign_out
render :json => { :success => true }, :status => 200
end
end
Reference in New Issue View Git Blame Copy Permalink