DGNum/demarches-normaliennes
15
1
Fork 0
Code Issues 1 Pull requests Projects Releases Packages Wiki Activity

api_tokens_controller: use before_action set_api_token

Browse source
This commit is contained in:
simon lehericey 2023-09-12 17:20:00 +02:00
parent 01efae960b
commit 2a109d3aa4
1 changed files with 5 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
app/controllers/api_tokens_controller.rb
View file

@ -1,5 +1,6 @@
class APITokensController < ApplicationController
before_action :authenticate_administrateur!
before_action :set_api_token, only: [:update, :destroy]
def create
@api_token, @packed_token = APIToken.generate(current_administrateur)
@ -11,8 +12,6 @@ class APITokensController < ApplicationController
end
def update
@api_token = current_administrateur.api_tokens.find(params[:id])
disallow_procedure_id = api_token_params.fetch(:disallow_procedure_id, nil)
if disallow_procedure_id.present?
@api_token.disallow_procedure(disallow_procedure_id.to_i)
@ -27,7 +26,6 @@ class APITokensController < ApplicationController
end
def destroy
@api_token = current_administrateur.api_tokens.find(params[:id])
@api_token.destroy
respond_to do |format|
@ -38,6 +36,10 @@ class APITokensController < ApplicationController
private
def set_api_token
@api_token = current_administrateur.api_tokens.find(params[:id])
end
def api_token_params
params.require(:api_token).permit(:name, :write_access, :disallow_procedure_id, allowed_procedure_ids: [])
end