29 lines
853 B
Ruby
29 lines
853 B
Ruby
class API::V1::ProceduresController < APIController
|
|
before_action :fetch_procedure_and_check_token
|
|
|
|
resource_description do
|
|
description AUTHENTICATION_TOKEN_DESCRIPTION
|
|
end
|
|
|
|
api :GET, '/procedures/:id', 'Informations concernant une démarche'
|
|
param :id, Integer, desc: "L'identifiant de la démarche", required: true
|
|
error code: 401, desc: "Non authorisé"
|
|
error code: 404, desc: "Démarche inconnue"
|
|
|
|
def show
|
|
render json: { procedure: ProcedureSerializer.new(@procedure.decorate).as_json }
|
|
end
|
|
|
|
private
|
|
|
|
def fetch_procedure_and_check_token
|
|
@procedure = Procedure.includes(:administrateur).find(params[:id])
|
|
|
|
if !valid_token_for_administrateur?(@procedure.administrateur)
|
|
render json: {}, status: :unauthorized
|
|
end
|
|
|
|
rescue ActiveRecord::RecordNotFound
|
|
render json: {}, status: :not_found
|
|
end
|
|
end
|