add update endpoint for jobs
This commit is contained in:
parent
b91ef0a4dd
commit
b458335e31
2 changed files with 39 additions and 4 deletions
|
|
@ -3,8 +3,10 @@
|
|||
module Api
|
||||
module V1
|
||||
class JobsController < Api::V1::ApiController
|
||||
before_action :set, only: %w[update_job update_job_skills destroy_job_skill]
|
||||
before_action :authorize, only: %w[update_job update_job_skills destroy_job_skill]
|
||||
before_action :set_party, only: %w[update_job update_job_skills destroy_job_skill]
|
||||
before_action :authorize_party, only: %w[update_job update_job_skills destroy_job_skill]
|
||||
before_action :set_job, only: %w[update]
|
||||
before_action :ensure_editor_role, only: %w[update]
|
||||
|
||||
def all
|
||||
render json: JobBlueprint.render(Job.all)
|
||||
|
|
@ -14,6 +16,16 @@ module Api
|
|||
render json: JobBlueprint.render(Job.find_by(granblue_id: params[:id]))
|
||||
end
|
||||
|
||||
# PATCH/PUT /jobs/:id
|
||||
# Updates an existing job record
|
||||
def update
|
||||
if @job.update(job_update_params)
|
||||
render json: JobBlueprint.render(@job)
|
||||
else
|
||||
render_validation_error_response(@job)
|
||||
end
|
||||
end
|
||||
|
||||
def update_job
|
||||
if job_params[:job_id] != -1
|
||||
# Extract job and find its main skills
|
||||
|
|
@ -177,15 +189,37 @@ module Api
|
|||
end
|
||||
end
|
||||
|
||||
def authorize
|
||||
def authorize_party
|
||||
render_unauthorized_response if @party.user != current_user || @party.edit_key != edit_key
|
||||
end
|
||||
|
||||
def set
|
||||
def set_party
|
||||
@party = Party.find_by(shortcode: params[:id])
|
||||
render_not_found_response('party') unless @party
|
||||
end
|
||||
|
||||
def set_job
|
||||
@job = Job.find_by(granblue_id: params[:id])
|
||||
render_not_found_response('job') unless @job
|
||||
end
|
||||
|
||||
# Ensures the current user has editor role (role >= 7)
|
||||
def ensure_editor_role
|
||||
return if current_user&.role && current_user.role >= 7
|
||||
|
||||
Rails.logger.warn "[JOBS] Unauthorized access attempt by user #{current_user&.id}"
|
||||
render json: { error: 'Unauthorized - Editor role required' }, status: :unauthorized
|
||||
end
|
||||
|
||||
def job_update_params
|
||||
params.permit(
|
||||
:name_en, :name_jp, :granblue_id,
|
||||
:proficiency1, :proficiency2, :row, :order,
|
||||
:master_level, :ultimate_mastery,
|
||||
:accessory, :accessory_type, :base_job_id
|
||||
)
|
||||
end
|
||||
|
||||
def job_params
|
||||
params.require(:party).permit(
|
||||
:job_id,
|
||||
|
|
|
|||
|
|
@ -88,6 +88,7 @@ Rails.application.routes.draw do
|
|||
|
||||
get 'jobs/skills', to: 'job_skills#all'
|
||||
get 'jobs/:id', to: 'jobs#show'
|
||||
put 'jobs/:id', to: 'jobs#update'
|
||||
get 'jobs/:id/skills', to: 'job_skills#job'
|
||||
get 'jobs/:id/accessories', to: 'job_accessories#job'
|
||||
|
||||
|
|
|
|||
Loading…
Reference in a new issue