diff options
| author | Starfall <us@starfall.systems> | 2023-04-22 20:32:00 -0500 |
|---|---|---|
| committer | Starfall <us@starfall.systems> | 2023-04-22 20:32:00 -0500 |
| commit | 609ee7b2979252464e63acbfd2eff3e0e3786f3e (patch) | |
| tree | 6ade160c4354b803ed36ae5dae28a0ae38bcf032 /app/controllers/api/v1/admin/trends/statuses_controller.rb | |
| parent | 4fe1689de43f4404eb9530fcfbcbfb26d6c1c13a (diff) | |
| parent | 5b58ebb04fe197cc7aa0cfc05a4d1b2df8da0050 (diff) | |
Merge remote-tracking branch 'glitch/main'
Diffstat (limited to 'app/controllers/api/v1/admin/trends/statuses_controller.rb')
| -rw-r--r-- | app/controllers/api/v1/admin/trends/statuses_controller.rb | 31 |
1 files changed, 30 insertions, 1 deletions
diff --git a/app/controllers/api/v1/admin/trends/statuses_controller.rb b/app/controllers/api/v1/admin/trends/statuses_controller.rb index c39f77363..34b6580df 100644 --- a/app/controllers/api/v1/admin/trends/statuses_controller.rb +++ b/app/controllers/api/v1/admin/trends/statuses_controller.rb @@ -1,7 +1,36 @@ # frozen_string_literal: true class Api::V1::Admin::Trends::StatusesController < Api::V1::Trends::StatusesController - before_action -> { authorize_if_got_token! :'admin:read' } + include Authorization + + before_action -> { authorize_if_got_token! :'admin:read' }, only: :index + before_action -> { authorize_if_got_token! :'admin:write' }, except: :index + + after_action :verify_authorized, except: :index + + def index + if current_user&.can?(:manage_taxonomies) + render json: @statuses, each_serializer: REST::Admin::Trends::StatusSerializer + else + super + end + end + + def approve + authorize [:admin, :status], :review? + + status = Status.find(params[:id]) + status.update(trendable: true) + render json: status, serializer: REST::Admin::Trends::StatusSerializer + end + + def reject + authorize [:admin, :status], :review? + + status = Status.find(params[:id]) + status.update(trendable: false) + render json: status, serializer: REST::Admin::Trends::StatusSerializer + end private |