mirror of
https://github.com/System-End/theseus.git
synced 2026-04-19 19:55:10 +00:00
50 lines
1 KiB
Ruby
50 lines
1 KiB
Ruby
class APIKeysController < ApplicationController
|
|
before_action :set_api_key, except: [:index, :new, :create]
|
|
|
|
def index
|
|
authorize APIKey
|
|
@api_keys = policy_scope(APIKey)
|
|
end
|
|
|
|
def new
|
|
authorize APIKey
|
|
@api_key = APIKey.new(user: current_user)
|
|
end
|
|
|
|
def create
|
|
permitted_params = [:name, :pii]
|
|
permitted_params << :may_impersonate if current_user.admin?
|
|
|
|
@api_key = APIKey.new(params.require(:api_key).permit(*permitted_params).merge(user: current_user))
|
|
|
|
authorize @api_key
|
|
|
|
if @api_key.save
|
|
redirect_to api_key_path(@api_key)
|
|
else
|
|
flash[:error] = @api_key.errors.full_messages.to_sentence
|
|
redirect_to new_api_key_path(@api_key)
|
|
end
|
|
end
|
|
|
|
def show
|
|
authorize @api_key
|
|
end
|
|
|
|
def revoke_confirm
|
|
authorize @api_key
|
|
end
|
|
|
|
def revoke
|
|
authorize @api_key
|
|
@api_key.revoke!
|
|
flash[:success] = "terminated with extreme prejudice."
|
|
redirect_to api_key_path(@api_key)
|
|
end
|
|
|
|
private
|
|
|
|
def set_api_key
|
|
@api_key = policy_scope(APIKey).find(params[:id])
|
|
end
|
|
end
|