1
0

invites_controller.rb 969 B

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152
  1. # frozen_string_literal: true
  2. class InvitesController < ApplicationController
  3. include Authorization
  4. layout 'admin'
  5. before_action :authenticate_user!
  6. before_action :set_cache_headers
  7. def index
  8. authorize :invite, :create?
  9. @invites = invites
  10. @invite = Invite.new
  11. end
  12. def create
  13. authorize :invite, :create?
  14. @invite = Invite.new(resource_params)
  15. @invite.user = current_user
  16. if @invite.save
  17. redirect_to invites_path
  18. else
  19. @invites = invites
  20. render :index
  21. end
  22. end
  23. def destroy
  24. @invite = invites.find(params[:id])
  25. authorize @invite, :destroy?
  26. @invite.expire!
  27. redirect_to invites_path
  28. end
  29. private
  30. def invites
  31. current_user.invites.order(id: :desc)
  32. end
  33. def resource_params
  34. params.require(:invite).permit(:max_uses, :expires_in, :autofollow, :comment)
  35. end
  36. def set_cache_headers
  37. response.cache_control.replace(private: true, no_store: true)
  38. end
  39. end