Justin Edmund
c3d9efa349
* add jobs search endpoint with pg_search - add en_search and ja_search scopes to Job model - add jobs action to SearchController with filtering - supports row, proficiency, master_level, ultimate_mastery, accessory filters * add jobs create endpoint * add job accessories CRUD - add accessory_type to blueprint - add index, show, create, update, destroy actions - editors only for mutations * add routes for jobs search, create, and accessories CRUD
86 lines
2.8 KiB
Ruby
86 lines
2.8 KiB
Ruby
# frozen_string_literal: true
|
|
|
|
module Api
|
|
module V1
|
|
class JobAccessoriesController < Api::V1::ApiController
|
|
before_action :doorkeeper_authorize!, only: %i[create update destroy]
|
|
before_action :ensure_editor_role, only: %i[create update destroy]
|
|
|
|
# GET /job_accessories
|
|
# Optional filter: ?accessory_type=1 (1=Shield, 2=Manatura)
|
|
def index
|
|
accessories = JobAccessory.includes(:job).all
|
|
accessories = accessories.where(accessory_type: params[:accessory_type]) if params[:accessory_type].present?
|
|
accessories = accessories.order(:accessory_type, :granblue_id)
|
|
render json: JobAccessoryBlueprint.render(accessories)
|
|
end
|
|
|
|
# GET /job_accessories/:id
|
|
# Supports lookup by granblue_id or uuid
|
|
def show
|
|
accessory = find_accessory
|
|
return render_not_found_response('job_accessory') unless accessory
|
|
|
|
render json: JobAccessoryBlueprint.render(accessory)
|
|
end
|
|
|
|
# POST /job_accessories
|
|
def create
|
|
accessory = JobAccessory.new(job_accessory_params)
|
|
if accessory.save
|
|
render json: JobAccessoryBlueprint.render(accessory), status: :created
|
|
else
|
|
render_validation_error_response(accessory)
|
|
end
|
|
end
|
|
|
|
# PUT /job_accessories/:id
|
|
def update
|
|
accessory = find_accessory
|
|
return render_not_found_response('job_accessory') unless accessory
|
|
|
|
if accessory.update(job_accessory_params)
|
|
render json: JobAccessoryBlueprint.render(accessory)
|
|
else
|
|
render_validation_error_response(accessory)
|
|
end
|
|
end
|
|
|
|
# DELETE /job_accessories/:id
|
|
def destroy
|
|
accessory = find_accessory
|
|
return render_not_found_response('job_accessory') unless accessory
|
|
|
|
accessory.destroy
|
|
head :no_content
|
|
end
|
|
|
|
# GET /jobs/:id/accessories
|
|
# Legacy endpoint - get accessories for a specific job
|
|
def job
|
|
job = Job.find_by(granblue_id: params[:id]) || Job.find_by(id: params[:id])
|
|
return render_not_found_response('job') unless job
|
|
|
|
accessories = JobAccessory.where(job_id: job.id)
|
|
render json: JobAccessoryBlueprint.render(accessories)
|
|
end
|
|
|
|
private
|
|
|
|
def find_accessory
|
|
JobAccessory.find_by(granblue_id: params[:id]) || JobAccessory.find_by(id: params[:id])
|
|
end
|
|
|
|
def job_accessory_params
|
|
params.permit(:name_en, :name_jp, :granblue_id, :rarity, :release_date, :accessory_type, :job_id)
|
|
end
|
|
|
|
def ensure_editor_role
|
|
return if current_user&.role && current_user.role >= 7
|
|
|
|
Rails.logger.warn "[JOB_ACCESSORIES] Unauthorized access attempt by user #{current_user&.id}"
|
|
render json: { error: 'Unauthorized - Editor role required' }, status: :unauthorized
|
|
end
|
|
end
|
|
end
|
|
end
|