Added ability to set password for groups

• Added: - ability to set password for groups - GroupPasswordModal - checks for if has password - rate limiting in rack_attack
2020-09-11 17:27:00 -05:00
parent 1baa123e25
commit 6d85c76c8f
13 changed files with 435 additions and 71 deletions
--- a/app/controllers/api/v1/groups/password_controller.rb
+++ b/app/controllers/api/v1/groups/password_controller.rb
@@ -0,0 +1,38 @@
+# frozen_string_literal: true
+
+class Api::V1::Groups::PasswordController < Api::BaseController
+  
+  include Authorization
+
+  before_action :require_user!
+  before_action :set_group
+
+  respond_to :json
+
+  def create
+    authorize @group, :join?
+
+    if params[:password] == @group.password
+      if @group.is_private
+        @group.join_requests << current_account
+        render json: @group, serializer: REST::GroupRelationshipSerializer, relationships: relationships
+      else
+        @group.accounts << current_account
+        render json: @group, serializer: REST::GroupRelationshipSerializer, relationships: relationships
+      end
+    else
+      render json: { error: true, message: 'Invalid group password' }, status: 403
+    end
+  end
+
+  private
+
+  def set_group
+    @group = Group.find(params[:group_id])
+  end
+
+  def relationships
+    GroupRelationshipsPresenter.new([@group.id], current_user.account_id)
+  end
+
+end