app/controllers/v1/users_controller.rb
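module V1
  # JSON endpoints for User records: list, show, create, update and delete.
  #
  # NOTE(review): this class declares no authentication or authorization
  # callback of its own. Whether a caller must be authenticated, and whether
  # they may act on a given record, depends on ApplicationController or a
  # policy layer that is not visible here -- confirm before relying on it.
  class UsersController < ApplicationController
    before_action :set_user, only: %i[show update destroy]

    # GET /users
    #
    # Renders one page of the users matching the optional +search+ parameter.
    def index
      # NOTE(review): params[:search] and params[:page] are request-controlled.
      # User.search is defined outside this file; verify it binds the term as
      # a query parameter rather than interpolating it into SQL.
      @users = User.search(params[:search]).page(params[:page])
      render json: @users
    end

    # GET /users/1
    #
    # Renders the record loaded by set_user.
    def show
      render json: @user
    end

    # POST /users
    #
    # Builds a user from the permitted attributes; responds 201 with the new
    # record, or 422 with the validation errors.
    def create
      @user = User.new(user_params)
      if @user.save
        render json: @user, status: :created
      else
        render_errors(@user)
      end
    end

    # PATCH/PUT /users/1
    #
    # Applies the permitted attributes to the record loaded by set_user.
    #
    # NOTE(review): set_user loads whichever id the request names and no
    # ownership or role check is visible in this controller. Because
    # user_params permits :password, confirm that an upstream check limits
    # this action to the account owner or to a privileged role.
    def update
      if @user.update(user_params)
        render json: @user
      else
        render_errors(@user)
      end
    end

    # DELETE /users/1
    #
    # Deletes the record loaded by set_user. The result of destroy is checked
    # so that a refused deletion is reported instead of being answered as a
    # success. The access-control question noted on update applies here too.
    def destroy
      if @user.destroy
        head :no_content
      else
        render_errors(@user)
      end
    end

    private

    # Loads @user for the member actions. The literal id "current" resolves
    # to whatever AuthorizeApiRequest returns for the request headers; any
    # other id is looked up directly (User.find raises when no row matches).
    def set_user
      if params[:id] == 'current'
        @user = AuthorizeApiRequest.call(request.headers).result
        # Presumably result is nil when the headers carry no valid
        # credentials -- confirm against AuthorizeApiRequest. Responding here
        # halts the callback chain, so no action runs with a nil @user.
        head :unauthorized unless @user
      else
        @user = User.find(params[:id])
      end
    end

    # Allow-list for mass assignment: only name, email and password are taken
    # from data.attributes; every other submitted attribute is dropped.
    def user_params
      params.require(:data)
            .require(:attributes)
            .permit(:name, :email, :password)
    end

    # Renders the record's errors with status 422, using the same serializer
    # for every failed write in this controller.
    def render_errors(user)
      render json: user,
             status: :unprocessable_entity,
             serializer: ActiveModel::Serializer::ErrorSerializer
    end
  end
end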