52 lines
1.5 KiB
Ruby
52 lines
1.5 KiB
Ruby
class InvitationsController < ApplicationController
|
|
before_action :authenticate_user!, except: ["show"]
|
|
before_action :require_user_signed_out, only: ["show"]
|
|
|
|
# GET /invitations
|
|
def index
|
|
@invitations_unused = current_user.invitations.unused
|
|
@invitations_used = current_user.invitations.used.order('used_at desc')
|
|
@current_section = :invitations
|
|
end
|
|
|
|
# GET /invitations/a-random-invitation-token
|
|
def show
|
|
token = session[:invitation_token] = params[:id]
|
|
|
|
if Invitation.where(token: token, used_at: nil).exists?
|
|
redirect_to signup_path and return
|
|
else
|
|
flash.now[:alert] = "This invitation either doesn't exist or has already been used."
|
|
http_status :unauthorized
|
|
end
|
|
end
|
|
|
|
# POST /invitations
|
|
def create
|
|
@invitation = Invitation.new(user: current_user)
|
|
|
|
respond_to do |format|
|
|
if @invitation.save
|
|
format.html do redirect_to @invitation, flash: {
|
|
success: 'Invitation was successfully created.'
|
|
}
|
|
end
|
|
format.json { render :show, status: :created, location: @invitation }
|
|
else
|
|
format.html { render :new }
|
|
format.json { render json: @invitation.errors, status: :unprocessable_entity }
|
|
end
|
|
end
|
|
end
|
|
|
|
# DELETE /invitations/1
|
|
def destroy
|
|
@invitation = current_user.invitations.find(params[:id])
|
|
@invitation.destroy
|
|
respond_to do |format|
|
|
format.html { redirect_to invitations_url }
|
|
format.json { head :no_content }
|
|
end
|
|
end
|
|
end
|