tap/app/controllers/orders_controller.rb
2015-11-30 18:29:18 +01:00

36 lines
844 B
Ruby

class OrdersController < ApplicationController
load_resource :user
load_and_authorize_resource :order, through: :user, shallow: true
def new
@products = Product.all.for_sale.order(:name)
@order.products << @products
end
def create
if @order.save
flash[:success] = @order.flash_success
redirect_to root_path
else
@products = Product.all.for_sale.order(:name)
render 'new'
end
end
def destroy
@order.destroy
flash[:success] = "Order has been removed."
redirect_to root_path
end
def overview
@users = User.members.publik.order(:name)
@last = Order.order(:created_at).reverse_order.includes(:user).limit(10).map(&:user)
end
private
def order_params
params.require(:order).permit(order_items_attributes: [:count, :price, :product_id])
end
end