demarches-normaliennes/app/controllers/api_tokens_controller.rb

47 lines
1 KiB
Ruby
Raw Normal View History

class APITokensController < ApplicationController
before_action :authenticate_administrateur!
before_action :set_api_token, only: [:update, :destroy]
def create
@api_token, @packed_token = APIToken.generate(current_administrateur)
2023-09-13 12:05:40 +02:00
render :index
end
def update
if become_full_access?
@api_token.become_full_access!
elsif disallow_procedure_id.present?
@api_token.untarget_procedure(disallow_procedure_id.to_i)
else
@api_token.update!(api_token_params)
end
2023-09-13 12:05:40 +02:00
render :index
end
def destroy
@api_token.destroy
redirect_to profil_path
end
private
def set_api_token
@api_token = current_administrateur.api_tokens.find(params[:id])
end
def become_full_access?
api_token_params[:become_full_access].present?
end
def disallow_procedure_id
api_token_params[:disallow_procedure_id]
end
def api_token_params
params.require(:api_token).permit(:name, :write_access, :become_full_access, :disallow_procedure_id, allowed_procedure_ids: [])
end
end