demarches-normaliennes/app/controllers/api_tokens_controller.rb

class APITokensController < ApplicationController
  before_action :authenticate_administrateur!

  def create
    @api_token, @packed_token = APIToken.generate(current_administrateur)

    respond_to do |format|
      format.turbo_stream { render :index }
      format.html { redirect_back(fallback_location: profil_path) }
    end
  end

  def update
    @api_token = current_administrateur.api_tokens.find(params[:id])

    disallow_procedure_id = api_token_params.fetch(:disallow_procedure_id, nil)
    if disallow_procedure_id.present?
      @api_token.disallow_procedure(disallow_procedure_id.to_i)
    else
      @api_token.update!(api_token_params)
    end

    respond_to do |format|
      format.turbo_stream { render :index }
      format.html { redirect_back(fallback_location: profil_path) }
    end
  end

  def destroy
    @api_token = current_administrateur.api_tokens.find(params[:id])
    @api_token.destroy

    respond_to do |format|
      format.turbo_stream { render :index }
      format.html { redirect_back(fallback_location: profil_path) }
    end
  end

  private

  def api_token_params
    params.require(:api_token).permit(:name, :write_access, :disallow_procedure_id, allowed_procedure_ids: [])
  end
end
feat(api_token): add api token controller 2022-11-30 10:12:04 +01:00			`class APITokensController < ApplicationController`
			`before_action :authenticate_administrateur!`

			`def create`
			`@api_token, @packed_token = APIToken.generate(current_administrateur)`

			`respond_to do \|format\|`
			`format.turbo_stream { render :index }`
			`format.html { redirect_back(fallback_location: profil_path) }`
			`end`
			`end`

			`def update`
			`@api_token = current_administrateur.api_tokens.find(params[:id])`
feat(api_token): enable fin graned access rights on tokens 2023-02-28 16:33:22 +01:00
			`disallow_procedure_id = api_token_params.fetch(:disallow_procedure_id, nil)`
			`if disallow_procedure_id.present?`
			`@api_token.disallow_procedure(disallow_procedure_id.to_i)`
			`else`
			`@api_token.update!(api_token_params)`
			`end`
feat(api_token): add api token controller 2022-11-30 10:12:04 +01:00
			`respond_to do \|format\|`
			`format.turbo_stream { render :index }`
			`format.html { redirect_back(fallback_location: profil_path) }`
			`end`
			`end`

			`def destroy`
			`@api_token = current_administrateur.api_tokens.find(params[:id])`
			`@api_token.destroy`

			`respond_to do \|format\|`
			`format.turbo_stream { render :index }`
			`format.html { redirect_back(fallback_location: profil_path) }`
			`end`
			`end`

			`private`

			`def api_token_params`
feat(api_token): enable fin graned access rights on tokens 2023-02-28 16:33:22 +01:00			`params.require(:api_token).permit(:name, :write_access, :disallow_procedure_id, allowed_procedure_ids: [])`
feat(api_token): add api token controller 2022-11-30 10:12:04 +01:00			`end`
			`end`