app/controllers/ratings_controller.rb
# frozen_string_literal: true
# Restful controller for Ratings
class RatingsController < ApplicationController
before_action :set_rating, only: %i[show edit update destroy]
# GET /ratings
# GET /ratings.json
def index
@ratings = Rating.all
return unless params[:playbook_id]
@ratings = @ratings.where(playbook_id: params[:playbook_id])
end
# GET /ratings/1
# GET /ratings/1.json
def show() end
# GET /ratings/new
def new
@rating = Rating.new
authorize @rating
end
# GET /ratings/1/edit
def edit() end
# POST /ratings
# POST /ratings.json
def create
@rating = Rating.new(rating_params)
authorize @rating
respond_to do |format|
if @rating.save
format.html { redirect_to @rating, notice: 'Rating was successfully created.' }
format.json { render :show, status: :created, location: @rating }
else
format.html { render :new }
format.json { render json: @rating.errors, status: :unprocessable_entity }
end
end
end
# PATCH/PUT /ratings/1
# PATCH/PUT /ratings/1.json
def update
respond_to do |format|
if @rating.update(rating_params)
format.html { redirect_to @rating, notice: 'Rating was successfully updated.' }
format.json { render :show, status: :ok, location: @rating }
else
format.html { render :edit }
format.json { render json: @rating.errors, status: :unprocessable_entity }
end
end
end
# DELETE /ratings/1
# DELETE /ratings/1.json
def destroy
@rating.destroy
respond_to do |format|
format.html { redirect_to ratings_url, notice: 'Rating was successfully destroyed.' }
format.json { head :no_content }
end
end
private
# Use callbacks to share common setup or constraints between actions.
def set_rating
@rating = Rating.find(params[:id])
authorize @rating
end
# Never trust parameters from the scary internet,
# only permit the allow list through.
def rating_params
params.require(:rating)
.permit(:playbook_id, *Rating::LIST)
end
end