scinote-web/app/controllers/api/v1/users_controller.rb

30 lines
803 B
Ruby
Raw Normal View History

2018-08-21 19:56:14 +08:00
# frozen_string_literal: true
module Api
module V1
class UsersController < BaseController
before_action :load_team, only: :index
2018-08-21 19:56:14 +08:00
before_action :load_user, only: :show
def index
users = timestamps_filter(@team.users).page(params.dig(:page, :number))
.per(params.dig(:page, :size))
render jsonapi: users, each_serializer: UserSerializer
end
2018-08-21 19:56:14 +08:00
def show
render jsonapi: @user, serializer: UserSerializer
2018-08-21 19:56:14 +08:00
end
private
def load_user
@user = User.joins(:teams)
.where(user_assignments: { assignable: current_user.teams })
.find_by(id: params[:id])
raise PermissionError.new(User, :read) unless @user
2018-08-21 19:56:14 +08:00
end
end
end
end