add update endpoint for jobs
This commit is contained in:
parent
b91ef0a4dd
commit
b458335e31
2 changed files with 39 additions and 4 deletions
|
|
@ -3,8 +3,10 @@
|
||||||
module Api
|
module Api
|
||||||
module V1
|
module V1
|
||||||
class JobsController < Api::V1::ApiController
|
class JobsController < Api::V1::ApiController
|
||||||
before_action :set, only: %w[update_job update_job_skills destroy_job_skill]
|
before_action :set_party, only: %w[update_job update_job_skills destroy_job_skill]
|
||||||
before_action :authorize, only: %w[update_job update_job_skills destroy_job_skill]
|
before_action :authorize_party, only: %w[update_job update_job_skills destroy_job_skill]
|
||||||
|
before_action :set_job, only: %w[update]
|
||||||
|
before_action :ensure_editor_role, only: %w[update]
|
||||||
|
|
||||||
def all
|
def all
|
||||||
render json: JobBlueprint.render(Job.all)
|
render json: JobBlueprint.render(Job.all)
|
||||||
|
|
@ -14,6 +16,16 @@ module Api
|
||||||
render json: JobBlueprint.render(Job.find_by(granblue_id: params[:id]))
|
render json: JobBlueprint.render(Job.find_by(granblue_id: params[:id]))
|
||||||
end
|
end
|
||||||
|
|
||||||
|
# PATCH/PUT /jobs/:id
|
||||||
|
# Updates an existing job record
|
||||||
|
def update
|
||||||
|
if @job.update(job_update_params)
|
||||||
|
render json: JobBlueprint.render(@job)
|
||||||
|
else
|
||||||
|
render_validation_error_response(@job)
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
def update_job
|
def update_job
|
||||||
if job_params[:job_id] != -1
|
if job_params[:job_id] != -1
|
||||||
# Extract job and find its main skills
|
# Extract job and find its main skills
|
||||||
|
|
@ -177,15 +189,37 @@ module Api
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
def authorize
|
def authorize_party
|
||||||
render_unauthorized_response if @party.user != current_user || @party.edit_key != edit_key
|
render_unauthorized_response if @party.user != current_user || @party.edit_key != edit_key
|
||||||
end
|
end
|
||||||
|
|
||||||
def set
|
def set_party
|
||||||
@party = Party.find_by(shortcode: params[:id])
|
@party = Party.find_by(shortcode: params[:id])
|
||||||
render_not_found_response('party') unless @party
|
render_not_found_response('party') unless @party
|
||||||
end
|
end
|
||||||
|
|
||||||
|
def set_job
|
||||||
|
@job = Job.find_by(granblue_id: params[:id])
|
||||||
|
render_not_found_response('job') unless @job
|
||||||
|
end
|
||||||
|
|
||||||
|
# Ensures the current user has editor role (role >= 7)
|
||||||
|
def ensure_editor_role
|
||||||
|
return if current_user&.role && current_user.role >= 7
|
||||||
|
|
||||||
|
Rails.logger.warn "[JOBS] Unauthorized access attempt by user #{current_user&.id}"
|
||||||
|
render json: { error: 'Unauthorized - Editor role required' }, status: :unauthorized
|
||||||
|
end
|
||||||
|
|
||||||
|
def job_update_params
|
||||||
|
params.permit(
|
||||||
|
:name_en, :name_jp, :granblue_id,
|
||||||
|
:proficiency1, :proficiency2, :row, :order,
|
||||||
|
:master_level, :ultimate_mastery,
|
||||||
|
:accessory, :accessory_type, :base_job_id
|
||||||
|
)
|
||||||
|
end
|
||||||
|
|
||||||
def job_params
|
def job_params
|
||||||
params.require(:party).permit(
|
params.require(:party).permit(
|
||||||
:job_id,
|
:job_id,
|
||||||
|
|
|
||||||
|
|
@ -88,6 +88,7 @@ Rails.application.routes.draw do
|
||||||
|
|
||||||
get 'jobs/skills', to: 'job_skills#all'
|
get 'jobs/skills', to: 'job_skills#all'
|
||||||
get 'jobs/:id', to: 'jobs#show'
|
get 'jobs/:id', to: 'jobs#show'
|
||||||
|
put 'jobs/:id', to: 'jobs#update'
|
||||||
get 'jobs/:id/skills', to: 'job_skills#job'
|
get 'jobs/:id/skills', to: 'job_skills#job'
|
||||||
get 'jobs/:id/accessories', to: 'job_accessories#job'
|
get 'jobs/:id/accessories', to: 'job_accessories#job'
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue