46 lines
1.1 KiB
Ruby
46 lines
1.1 KiB
Ruby
class MessagesController < ApplicationController
|
|
skip_before_action :verify_authenticity_token, only: %i[ create ]
|
|
|
|
before_action :set_contest, only: %i[ destroy ]
|
|
before_action :set_message, only: %i[ destroy ]
|
|
|
|
def create
|
|
allow_unauthenticated_access
|
|
skip_authorization
|
|
|
|
@message_params = message_params
|
|
@contest = Contest.find_by_token_for(:token, params[:token])
|
|
@message = Message.new(text: params[:text], time_seconds: params[:time_seconds], contest: @contest)
|
|
if @contest && @message.save
|
|
respond_to do |format|
|
|
format.json { render json: {}, status: 200 }
|
|
end
|
|
else
|
|
respond_to do |format|
|
|
format.json { render json: { error: "invalid contest token" }, status: 400 }
|
|
end
|
|
end
|
|
end
|
|
|
|
def destroy
|
|
authorize @contest
|
|
|
|
@message.destroy
|
|
redirect_to contest_path(@contest)
|
|
end
|
|
|
|
private
|
|
|
|
def set_contest
|
|
@contest = Contest.find(params[:contest_id])
|
|
end
|
|
|
|
def set_message
|
|
@message = Message.find(params[:id])
|
|
end
|
|
|
|
def message_params
|
|
params.expect(message: [ :text, :time_seconds, :token ])
|
|
end
|
|
end
|