cleaned up, added threadreplies, added info

2014-04-20 03:07:39 +02:00
parent 097f9b1ba4
commit cbafa3c46a
24 changed files with 354 additions and 132 deletions
--- a/app/controllers/blogposts_controller.rb
+++ b/app/controllers/blogposts_controller.rb
@@ -1,71 +1,50 @@
 class BlogpostsController < ApplicationController

+  before_filter :set_post, except: [:index, :new, :create]
+  before_filter :auth, except: [:index, :show]
+
  def index
    @posts = Blogpost.all.reverse
  end

  def show
-    @post = Blogpost.find(params[:id])
    @comment = Comment.new(blogpost: @post)
  end

  def new
-    if mod?
-      @post = Blogpost.new
-    else
-      flash[:alert] = "You are not allowed to create a new post!"
-      redirect_to blogposts_path
-    end
+    @post = Blogpost.new
  end

  def edit
-      @post = Blogpost.find(params[:id])
-      if mod?
-    else
-      flash[:alert] = "You are not allowed to edit this post!"
-      redirect_to @post
-    end
  end

  def create
-    if mod?
-      @post = Blogpost.new(post_params)
-      @post.user_author = current_user
-      if @post.save
-        redirect_to @post, notice: 'Post has been created.'
-      else
-        flash[:alert] = "Error creating blogpost"
-        render action: "new"
-      end
+    @post = Blogpost.new(post_params)
+    @post.user_author = current_user
+    if @post.save
+      redirect_to @post, notice: 'Post has been created.'
    else
-      flash[:alert] = "You are not allowed to create new posts"
-      redirect_to blog_path
+      flash[:alert] = "Error creating blogpost"
+      render action: "new"
    end
  end

  def update
-    @post = Blogpost.find(params[:id])
-    if mod? || @comment.author.is?(current_user)
-      @post.user_editor = current_user
-      if @post.update_attributes(post_params([:user_editor]))
-        redirect_to @post, notice: 'Post has been updated.'
-      else
-        flash[:alert] = "There was a problem while updating the post"
-        render action: "edit"
-      end
+    @post.user_editor = current_user
+    @post.attributes = post_params([:user_editor])
+    if @post.save
+      redirect_to @post, notice: 'Post has been updated.'
+    else
+      flash[:alert] = "There was a problem while updating the post"
+      render action: "edit"
    end
  end

  def destroy
-    @post = Blogpost.find(params[:id])
-    if mod?
-      if @post.destroy
-        flash[:notice] = "Post deleted!"
-      else
-        flash[:alert] = "There was a problem while deleting this Post"
-      end
+    if @post.destroy
+      flash[:notice] = "Post deleted!"
    else
-      flash[:alert] = "You are not allowed to delete this Post"
+      flash[:alert] = "There was a problem while deleting this Post"
    end
    redirect_to blogposts_path
  end
@@ -78,4 +57,18 @@ class BlogpostsController < ApplicationController
    a += add
    params.require(:blogpost).permit(a)
  end
+
+  def set_post
+    if params[:id]
+      @post = Blogpost.find(params[:id])
+    end
+  end
+
+  def auth
+    unless mod?
+      flash[:alert] = "You are not allowed to edit posts!"
+      redirect_to @post ? @post : blogposts_path
+    end
+  end
+
 end