2022-11-30 10:12:04 +01:00
|
|
|
class APITokensController < ApplicationController
|
|
|
|
before_action :authenticate_administrateur!
|
|
|
|
|
|
|
|
def create
|
|
|
|
@api_token, @packed_token = APIToken.generate(current_administrateur)
|
|
|
|
|
|
|
|
respond_to do |format|
|
|
|
|
format.turbo_stream { render :index }
|
|
|
|
format.html { redirect_back(fallback_location: profil_path) }
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
def update
|
|
|
|
@api_token = current_administrateur.api_tokens.find(params[:id])
|
2023-02-28 16:33:22 +01:00
|
|
|
|
|
|
|
disallow_procedure_id = api_token_params.fetch(:disallow_procedure_id, nil)
|
|
|
|
if disallow_procedure_id.present?
|
|
|
|
@api_token.disallow_procedure(disallow_procedure_id.to_i)
|
|
|
|
else
|
|
|
|
@api_token.update!(api_token_params)
|
|
|
|
end
|
2022-11-30 10:12:04 +01:00
|
|
|
|
|
|
|
respond_to do |format|
|
|
|
|
format.turbo_stream { render :index }
|
|
|
|
format.html { redirect_back(fallback_location: profil_path) }
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
def destroy
|
|
|
|
@api_token = current_administrateur.api_tokens.find(params[:id])
|
|
|
|
@api_token.destroy
|
|
|
|
|
|
|
|
respond_to do |format|
|
|
|
|
format.turbo_stream { render :index }
|
|
|
|
format.html { redirect_back(fallback_location: profil_path) }
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
private
|
|
|
|
|
|
|
|
def api_token_params
|
2023-02-28 16:33:22 +01:00
|
|
|
params.require(:api_token).permit(:name, :write_access, :disallow_procedure_id, allowed_procedure_ids: [])
|
2022-11-30 10:12:04 +01:00
|
|
|
end
|
|
|
|
end
|