gab-social/app/controllers/api/v1/groups/pins_controller.rb
mgabdev 33369c5fbf Added authorization to pin group statuses
• Added:
- authorization to pin group statuses
2020-10-06 19:46:30 -04:00

43 lines
843 B
Ruby

# frozen_string_literal: true
class Api::V1::Groups::PinsController < Api::BaseController
include Authorization
before_action -> { doorkeeper_authorize! :write, :'write:groups' }
before_action :require_user!
before_action :set_group
before_action :set_status
respond_to :json
def create
authorize @group, :update?
GroupPinnedStatus.create!(group: @group, status: @status)
render json: @status, serializer: REST::StatusSerializer
end
def destroy
authorize @group, :update?
pin = GroupPinnedStatus.find_by(group: @group, status: @status)
if pin
pin.destroy!
end
render json: @status, serializer: REST::StatusSerializer
end
private
def set_status
@status = Status.find(params[:statusId])
end
def set_group
@group = Group.find(params[:group_id])
end
end