diff options
-rw-r--r-- | app/controllers/api/companies_controller.rb | 45 | ||||
-rw-r--r-- | app/controllers/master_controller.rb | 14 | ||||
-rw-r--r-- | app/controllers/serializers/company_serializer.rb | 12 | ||||
-rw-r--r-- | config/routes.rb | 1 |
4 files changed, 72 insertions, 0 deletions
diff --git a/app/controllers/api/companies_controller.rb b/app/controllers/api/companies_controller.rb new file mode 100644 index 0000000..4317682 --- /dev/null +++ b/app/controllers/api/companies_controller.rb @@ -0,0 +1,45 @@ +# frozen_string_literal: true + +module Api + # CompaniesController + class CompaniesController < MasterController + skip_before_action :validate_jwt, only: %i[show index] + skip_before_action :assert_master_role, onlt: %i[show index] + + def index + @companies = Company.all + + render json: serialized_collection.serializable_hash, status: 200 + end + + def show + @company = Company.find_by(short_name: params[:id]) + + render json: serialized_object.serializable_hash, status: :ok and return if @company + + render json: { error_message: "No se encontró la compañía #{params[:short_name]}" }, status: :not_found + end + + def create + @company = Company.new(permitted_params) + + render json: serialized_object.serializable_hash, status: :ok and return if @company.save + + render json: { error_messages: @company.errors.full_messages }, status: :unprocessable_entity + end + + private + + def serialized_object + Serializers::CompanySerializer.new(@company) + end + + def serialized_collection + Serializers::CompanySerializer.new(@companies.page(params[:page])) + end + + def permitted_params + params.permit(:name, :country, :short_name, :logo) + end + end +end diff --git a/app/controllers/master_controller.rb b/app/controllers/master_controller.rb new file mode 100644 index 0000000..b2075d5 --- /dev/null +++ b/app/controllers/master_controller.rb @@ -0,0 +1,14 @@ +# frozen_string_literal: true + +# The father class of all controllers that require the master role to fulfill requests. +class MasterController < AuthenticatedController + before_action :assert_master_role + + private + + def assert_master_role + return if current_user_account.role == 'master' + + render json: { error_message: 'No cuenta con los permisos necesarios' }, status: :forbidden + end +end diff --git a/app/controllers/serializers/company_serializer.rb b/app/controllers/serializers/company_serializer.rb new file mode 100644 index 0000000..ec3f200 --- /dev/null +++ b/app/controllers/serializers/company_serializer.rb @@ -0,0 +1,12 @@ +# frozen_string_literal: true + +module Serializers + # CompanySerializer + class CompanySerializer < BaseSerializer + attributes :id, :name, :country, :short_name + + attribute :logo do |object| + url_for(object.logo) + end + end +end diff --git a/config/routes.rb b/config/routes.rb index 1728bcc..b74623a 100644 --- a/config/routes.rb +++ b/config/routes.rb @@ -9,6 +9,7 @@ Rails.application.routes.draw do post '/login', to: 'sessions#create' delete '/logout', to: 'sessions#destroy' get '/account', to: 'user_accounts#show' + resources :companies, only: %i[index show create] resources :user_accounts, only: %i[create] resources :refresh_tokens, only: %i[create] end |