demarches-normaliennes/app/controllers/api/v1/procedures_controller.rb

21 lines
509 B
Ruby
Raw Normal View History

2015-12-21 17:51:49 +01:00
class API::V1::ProceduresController < APIController
before_action :fetch_procedure_and_check_token
def show
render json: { procedure: ProcedureSerializer.new(@procedure).as_json }
end
private
def fetch_procedure_and_check_token
2018-11-01 14:04:32 +01:00
@procedure = Procedure.for_api.find(params[:id])
if !valid_token_for_administrateur?(@procedure.administrateurs)
render json: {}, status: :unauthorized
end
2015-12-21 17:51:49 +01:00
rescue ActiveRecord::RecordNotFound
render json: {}, status: :not_found
2015-12-21 17:51:49 +01:00
end
end