Commit cd3c849a by ivan Lan

Add merchant_auth & Add merchant base controller and cutsomer's

parent 5593c5be
...@@ -17,6 +17,7 @@ module Shotengai ...@@ -17,6 +17,7 @@ module Shotengai
autoload :Base, 'shotengai/controllers/base' autoload :Base, 'shotengai/controllers/base'
module Merchant module Merchant
autoload :Base, 'shotengai/controllers/merchant/base'
autoload :ProductsController, 'shotengai/controllers/merchant/products_controller' autoload :ProductsController, 'shotengai/controllers/merchant/products_controller'
autoload :ProductSnapshotsController, 'shotengai/controllers/merchant/product_snapshots_controller' autoload :ProductSnapshotsController, 'shotengai/controllers/merchant/product_snapshots_controller'
autoload :ProductSeriesController, 'shotengai/controllers/merchant/product_series_controller' autoload :ProductSeriesController, 'shotengai/controllers/merchant/product_series_controller'
...@@ -24,6 +25,7 @@ module Shotengai ...@@ -24,6 +25,7 @@ module Shotengai
end end
module Customer module Customer
autoload :Base, 'shotengai/controllers/customer/base'
autoload :ProductsController, 'shotengai/controllers/customer/products_controller' autoload :ProductsController, 'shotengai/controllers/customer/products_controller'
autoload :ProductSnapshotsController, 'shotengai/controllers/customer/product_snapshots_controller' autoload :ProductSnapshotsController, 'shotengai/controllers/customer/product_snapshots_controller'
autoload :ProductSeriesController, 'shotengai/controllers/customer/product_series_controller' autoload :ProductSeriesController, 'shotengai/controllers/customer/product_series_controller'
......
module Shotengai
module Controller
module Customer
class Base < Shotengai::Controller::Base
prepend_before_action :buyer_auth
private
def buyer_auth
@buyer = params[:buyer_type].constantize.find(params[:buyer_id])
end
end
end
end
end
module Shotengai module Shotengai
module Controller module Controller
module Customer module Customer
class CartsController < Shotengai::Controller::Base class CartsController < Shotengai::Controller::Customer::Base
self.base_resources = Cart self.base_resources = Cart
self.template_dir = 'shotengai/customer/cart' self.template_dir = 'shotengai/customer/cart'
before_action :buyer_auth
before_action :set_resource before_action :set_resource
# NOTE: before_action would not keep the super methods' "only" condition # NOTE: before_action would not keep the super methods' "only" condition
remove_actions :index, :create, :destroy remove_actions :index, :create, :destroy
private private
def buyer_auth
@buyer = params[:buyer_type].constantize.find(params[:buyer_id])
end
def set_resource def set_resource
@resource = @buyer.order_cart @resource = @buyer.order_cart
end end
......
module Shotengai module Shotengai
module Controller module Controller
module Customer module Customer
class OrdersController < Shotengai::Controller::Base class OrdersController < Shotengai::Controller::Customer::Base
self.base_resources = Order self.base_resources = Order
self.template_dir = 'shotengai/customer/orders/' self.template_dir = 'shotengai/customer/orders/'
before_action :buyer_auth
before_action :edit_only_unpaid, only: [:update] before_action :edit_only_unpaid, only: [:update]
remove_actions :destroy remove_actions :destroy
def default_query resources def default_query resources
...@@ -39,10 +38,6 @@ module Shotengai ...@@ -39,10 +38,6 @@ module Shotengai
end end
private private
def buyer_auth
@buyer = params[:buyer_type].constantize.find(params[:buyer_id])
end
def resource_params def resource_params
params[resource_key] && params.require(resource_key).permit( params[resource_key] && params.require(resource_key).permit(
:address, :customer_remark, :address, :customer_remark,
......
module Shotengai module Shotengai
module Controller module Controller
module Customer module Customer
class ProductSeriesController < Shotengai::Controller::Base class ProductSeriesController < Shotengai::Controller::Customer::Base
self.base_resources = ProductSeries self.base_resources = ProductSeries
self.template_dir = 'shotengai/customer/series/' self.template_dir = 'shotengai/customer/series/'
skip_before_action :buyer_auth
remove_actions :create, :update, :destroy remove_actions :create, :update, :destroy
def default_query resources def default_query resources
......
module Shotengai module Shotengai
module Controller module Controller
module Customer module Customer
class ProductSnapshotsController < Shotengai::Controller::Base class ProductSnapshotsController < Shotengai::Controller::Customer::Base
self.base_resources = ProductSnapshot self.base_resources = ProductSnapshot
self.template_dir = 'shotengai/customer/snapshots/' self.template_dir = 'shotengai/customer/snapshots/'
before_action :buyer_auth
before_action :edit_only_unpaid, except: [:index, :show, :create] before_action :edit_only_unpaid, except: [:index, :show, :create]
def default_query resources def default_query resources
...@@ -30,10 +29,6 @@ module Shotengai ...@@ -30,10 +29,6 @@ module Shotengai
end end
private private
def buyer_auth
@buyer = params[:buyer_type].constantize.find(params[:buyer_id])
end
def resource_params def resource_params
params.require(resource_key).permit( params.require(resource_key).permit(
:count, :shotengai_series_id :count, :shotengai_series_id
......
module Shotengai module Shotengai
module Controller module Controller
module Customer module Customer
class ProductsController < Shotengai::Controller::Base class ProductsController < Shotengai::Controller::Customer::Base
self.base_resources = Product self.base_resources = Product
self.template_dir = 'shotengai/customer/products/' self.template_dir = 'shotengai/customer/products/'
remove_actions :create, :update, :destroy remove_actions :create, :update, :destroy
skip_before_action :buyer_auth
def index_query resources def index_query resources
params[:catalog_list] ? params[:catalog_list] ?
......
module Shotengai
module Controller
module Merchant
class Base < Shotengai::Controller::Base
prepend_before_action :manager_auth
private
def manager_auth
@manager = params[:manager_type].constantize.find(params[:manager_id])
end
end
end
end
end
module Shotengai module Shotengai
module Controller module Controller
module Merchant module Merchant
class OrdersController < Shotengai::Controller::Base class OrdersController < Shotengai::Controller::Merchant::Base
self.base_resources = ::Order self.base_resources = ::Order
self.template_dir = 'shotengai/merchant/orders/' self.template_dir = 'shotengai/merchant/orders/'
before_action :manager_auth
remove_actions :create, :destroy remove_actions :create, :destroy
def index_query resources def index_query resources
...@@ -22,6 +23,10 @@ module Shotengai ...@@ -22,6 +23,10 @@ module Shotengai
:merchant_remark, :mark :merchant_remark, :mark
) )
end end
def manager_auth
@manager = params[:manager_type].constantize.find(params[:manager_id])
end
end end
end end
end end
......
module Shotengai module Shotengai
module Controller module Controller
module Merchant module Merchant
class ProductSeriesController < Shotengai::Controller::Base class ProductSeriesController < Shotengai::Controller::Merchant::Base
self.base_resources = ProductSeries self.base_resources = ProductSeries
self.template_dir = 'shotengai/merchant/series/' self.template_dir = 'shotengai/merchant/series/'
before_action :manager_auth
def default_query resources def default_query resources
resources.where( resources.where(
params[:product_id] && { shotengai_product_id: params[:product_id] } params[:product_id] && { shotengai_product_id: params[:product_id] }
...@@ -21,6 +23,10 @@ module Shotengai ...@@ -21,6 +23,10 @@ module Shotengai
{ spec: spec, meta: meta } { spec: spec, meta: meta }
) )
end end
def manager_auth
@manager = params[:manager_type].constantize.find(params[:manager_id])
end
end end
end end
end end
......
module Shotengai module Shotengai
module Controller module Controller
module Merchant module Merchant
class ProductSnapshotsController < Shotengai::Controller::Base class ProductSnapshotsController < Shotengai::Controller::Merchant::Base
self.base_resources = ProductSnapshot self.base_resources = ProductSnapshot
self.template_dir = 'shotengai/merchant/snapshots/' self.template_dir = 'shotengai/merchant/snapshots/'
remove_actions :create, :destroy remove_actions :create, :destroy
before_action :edit_only_unpaid, only: :update before_action :edit_only_unpaid, only: :update
def default_query resources def default_query resources
resources.in_order resources.in_order
end end
...@@ -30,6 +30,10 @@ module Shotengai ...@@ -30,6 +30,10 @@ module Shotengai
def edit_only_unpaid def edit_only_unpaid
raise Shotengai::WebError.new('订单已支付,不可修改该快照。', '-1', 403) unless @resource.order.unpaid? raise Shotengai::WebError.new('订单已支付,不可修改该快照。', '-1', 403) unless @resource.order.unpaid?
end end
def manager_auth
@manager = params[:manager_type].constantize.find(params[:manager_id])
end
end end
end end
end end
......
module Shotengai module Shotengai
module Controller module Controller
module Merchant module Merchant
class ProductsController < Shotengai::Controller::Base class ProductsController < Shotengai::Controller::Merchant::Base
self.base_resources = Product self.base_resources = Product
self.template_dir = 'shotengai/merchant/products/' self.template_dir = 'shotengai/merchant/products/'
before_action :manager_auth
def default_query resources def default_query resources
resources.where(@manager && { manager: @manager }) resources.where(@manager && { manager: @manager })
...@@ -33,10 +31,6 @@ module Shotengai ...@@ -33,10 +31,6 @@ module Shotengai
end end
private private
def manager_auth
@manager = params[:manager_type].constantize.find(params[:manager_id])
end
def resource_params def resource_params
# QUESTION: need these ? # QUESTION: need these ?
spec = params.require(resource_key).fetch(:spec, nil).try(:permit!) spec = params.require(resource_key).fetch(:spec, nil).try(:permit!)
......
...@@ -114,7 +114,7 @@ module Shotengai ...@@ -114,7 +114,7 @@ module Shotengai
end end
def product_amount def product_amount
snapshots.sum(&:total_price).round(2) snapshots.sum(&:total_price).round(2) || 0
end end
def product_original_amount def product_original_amount
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment