cleaned up, added threadreplies, added info

app/controllers/blogposts_controller.rb

@@ -1,71 +1,50 @@
 class BlogpostsController < ApplicationController
 
+  before_filter :set_post, except: [:index, :new, :create]
+  before_filter :auth, except: [:index, :show]
+
   def index
     @posts = Blogpost.all.reverse
   end
 
   def show
-    @post = Blogpost.find(params[:id])
     @comment = Comment.new(blogpost: @post)
   end
 
   def new
-    if mod?
-      @post = Blogpost.new
-    else
-      flash[:alert] = "You are not allowed to create a new post!"
-      redirect_to blogposts_path
-    end
+    @post = Blogpost.new
   end
 
   def edit
-      @post = Blogpost.find(params[:id])
-      if mod?
-    else
-      flash[:alert] = "You are not allowed to edit this post!"
-      redirect_to @post
-    end
   end
 
   def create
-    if mod?
-      @post = Blogpost.new(post_params)
-      @post.user_author = current_user
-      if @post.save
-        redirect_to @post, notice: 'Post has been created.'
-      else
-        flash[:alert] = "Error creating blogpost"
-        render action: "new"
-      end
+    @post = Blogpost.new(post_params)
+    @post.user_author = current_user
+    if @post.save
+      redirect_to @post, notice: 'Post has been created.'
     else
-      flash[:alert] = "You are not allowed to create new posts"
-      redirect_to blog_path
+      flash[:alert] = "Error creating blogpost"
+      render action: "new"
     end
   end
 
   def update
-    @post = Blogpost.find(params[:id])
-    if mod? || @comment.author.is?(current_user)
-      @post.user_editor = current_user
-      if @post.update_attributes(post_params([:user_editor]))
-        redirect_to @post, notice: 'Post has been updated.'
-      else
-        flash[:alert] = "There was a problem while updating the post"
-        render action: "edit"
-      end
+    @post.user_editor = current_user
+    @post.attributes = post_params([:user_editor])
+    if @post.save
+      redirect_to @post, notice: 'Post has been updated.'
+    else
+      flash[:alert] = "There was a problem while updating the post"
+      render action: "edit"
     end
   end
 
   def destroy
-    @post = Blogpost.find(params[:id])
-    if mod?
-      if @post.destroy
-        flash[:notice] = "Post deleted!"
-      else
-        flash[:alert] = "There was a problem while deleting this Post"
-      end
+    if @post.destroy
+      flash[:notice] = "Post deleted!"
     else
-      flash[:alert] = "You are not allowed to delete this Post"
+      flash[:alert] = "There was a problem while deleting this Post"
     end
     redirect_to blogposts_path
   end
@@ -78,4 +57,18 @@ class BlogpostsController < ApplicationController
     a += add
     params.require(:blogpost).permit(a)
   end
+
+  def set_post
+    if params[:id]
+      @post = Blogpost.find(params[:id])
+    end
+  end
+
+  def auth
+    unless mod?
+      flash[:alert] = "You are not allowed to edit posts!"
+      redirect_to @post ? @post : blogposts_path
+    end
+  end
+
 end

app/controllers/comments_controller.rb

@@ -29,7 +29,9 @@ class CommentsController < ApplicationController
   def update
     @comment = Comment.find(params[:id])
     if mod? || @comment.author.is?(current_user)
-      if @comment.update_attributes(comment_params)
+      @comment.user_editor = current_user
+      @comment.attributes = comment_params
+      if @comment.save
         flash[:notice] = "Comment updated!"
         redirect_to blogpost_path(@comment.blogpost) + "#comment-#{@comment.id}"
       else

app/controllers/forumthreads_controller.rb

@@ -12,7 +12,8 @@ class ForumthreadsController < ApplicationController
   def update
     if mod? || @thread.author.is?(current_user)
       @thread.user_editor = current_user
-      if @thread.update_attributes thread_params([:user_editor])
+      @thread.attributes = thread_params([:user_editor])
+      if @thread.save
         redirect_to @thread, notice: 'Post has been updated.'
       else
         flash[:alert] = "There was a problem while updating the post"

app/controllers/info_controller.rb

@@ -0,0 +1,68 @@
+class InfoController < ApplicationController
+
+  before_filter :set_info, except: [:index, :new, :create]
+  before_filter :auth, except: [:index, :show]
+
+  def index
+    @info = Info.all.sort_by{|i| i.title}
+  end
+
+  def show
+  end
+
+  def new
+    @info = Info.new
+  end
+
+  def edit
+  end
+
+  def create
+    @info = Info.new(info_params)
+    if @info.save
+      redirect_to @info, notice: 'Info has been created.'
+    else
+      flash[:alert] = "Error creating info"
+      render action: "new"
+    end
+  end
+
+  def update
+    @info.attributes = info_params()
+    if @info.save
+      redirect_to @info, notice: 'Info has been updated.'
+    else
+      flash[:alert] = "There was a problem while updating the info"
+      render action: "edit"
+    end
+  end
+
+  def destroy
+    if @info.destroy
+      flash[:notice] = "Info deleted!"
+    else
+      flash[:alert] = "There was a problem while deleting this info"
+    end
+    redirect_to info_index_path
+  end
+
+
+  private
+
+  def info_params(add = [])
+    a = [:title, :content]
+    a += add
+    params.require(:info).permit(a)
+  end
+
+  def set_info
+    @info = Info.find(params[:id])
+  end
+
+  def auth
+    unless mod?
+      flash[:alert] = "You are not allowed to edit info!"
+      redirect_to @info ? @info : info_index_path
+    end
+  end
+end

app/controllers/threadreplies_controller.rb

@@ -1,3 +1,65 @@
 class ThreadrepliesController < ApplicationController
 
+  def edit
+    @reply = Threadreply.find(params[:id])
+    if mod? || @reply.author.is?(current_user)
+    else
+      flash[:alert] = "You are not allowed to edit this reply"
+      redirect_to @reply.thread
+    end
+  end
+
+  def create
+    thread = Forumthread.find(params[:forumthread_id])
+    if thread.can_write?(current_user)
+      @reply = Threadreply.new(reply_params)
+      @reply.user_author = current_user
+      @reply.forumthread = thread
+      if @reply.save
+        redirect_to forumthread_path(@reply.thread) + "#reply-#{@reply.id}", notice: 'Reply created!'
+      else
+        flash[:alert] = "Could not create reply."
+        redirect_to Blogpost.find(params[:forumthread_id])
+      end
+    else
+      flash[:alert] = "You are not allowed to create replies."
+      redirect_to Blogpost.find(params[:forumthread_id])
+    end
+  end
+
+  def update
+    @reply = Threadreply.find(params[:id])
+    if mod? || @reply.author.is?(current_user)
+      if @reply.update_attributes(reply_params)
+        flash[:notice] = "Reply updated!"
+        redirect_to forumthread_path(@reply.thread) + "#reply-#{@reply.id}"
+      else
+        flash[:alert] = "There was a problem while updating your reply"
+        render action: "edit"
+      end
+    else
+      flash[:alert] = "You are not allowed to edit this reply"
+      redirect_to @reply.thread
+    end
+  end
+
+  def destroy
+    @reply = Threadreply.find(params[:id])
+    if mod? || @reply.author.is?(current_user)
+      if @reply.destroy
+        flash[:notice] = "Reply deleted!"
+      else
+        flash[:alert] = "There was a problem while deleting this reply"
+      end
+    else
+      flash[:alert] = "You are not allowed to delete this reply"
+    end
+    redirect_to @reply.thread
+  end
+
+  private
+
+  def reply_params
+    params.require(:threadreply).permit(:content)
+  end
 end