/api/app/controllers/spree/api/v1/return_authorizations_controller.rb
Ruby | 70 lines | 61 code | 9 blank | 0 comment | 3 complexity | 710565f2a866564712cec7888c612b00 MD5 | raw file
Possible License(s): BSD-3-Clause
- module Spree
- module Api
- module V1
- class ReturnAuthorizationsController < Spree::Api::BaseController
- def create
- authorize! :create, ReturnAuthorization
- @return_authorization = order.return_authorizations.build(return_authorization_params)
- if @return_authorization.save
- respond_with(@return_authorization, status: 201, default_template: :show)
- else
- invalid_resource!(@return_authorization)
- end
- end
- def destroy
- @return_authorization = order.return_authorizations.accessible_by(current_ability, :destroy).find(params[:id])
- @return_authorization.destroy
- respond_with(@return_authorization, status: 204)
- end
- def index
- authorize! :admin, ReturnAuthorization
- @return_authorizations = order.return_authorizations.accessible_by(current_ability).
- ransack(params[:q]).result.
- page(params[:page]).per(params[:per_page])
- respond_with(@return_authorizations)
- end
- def new
- authorize! :admin, ReturnAuthorization
- end
- def show
- authorize! :admin, ReturnAuthorization
- @return_authorization = order.return_authorizations.accessible_by(current_ability, :show).find(params[:id])
- respond_with(@return_authorization)
- end
- def update
- @return_authorization = order.return_authorizations.accessible_by(current_ability, :update).find(params[:id])
- if @return_authorization.update(return_authorization_params)
- respond_with(@return_authorization, default_template: :show)
- else
- invalid_resource!(@return_authorization)
- end
- end
- def cancel
- @return_authorization = order.return_authorizations.accessible_by(current_ability, :update).find(params[:id])
- if @return_authorization.cancel
- respond_with @return_authorization, default_template: :show
- else
- invalid_resource!(@return_authorization)
- end
- end
- private
- def order
- @order ||= Spree::Order.find_by!(number: order_id)
- authorize! :show, @order
- end
- def return_authorization_params
- params.require(:return_authorization).permit(permitted_return_authorization_attributes)
- end
- end
- end
- end
- end