Change the default route to the login page

[cs356-p2-videostore.git] / app / controllers / coitem_controller.rb

diff --git a/app/controllers/coitem_controller.rb b/app/controllers/coitem_controller.rb
index 73049f3..ef8ea7c 100644 (file)
--- a/app/controllers/coitem_controller.rb
+++ b/app/controllers/coitem_controller.rb
@@ -1,7 +1,12 @@
 class CoitemController < ApplicationController
+  layout "admin"
+
+  # Make sure that the user has logged in before they can take any
+  # action on checked out items
+  before_filter :authorize
+
   def index
-    list
-    render :action => 'list'
+    render :action => 'index'
   end
 
   # GETs should be safe (see http://www.w3.org/2001/tag/doc/whenToUseGet.html)
@@ -16,19 +21,8 @@ class CoitemController < ApplicationController
     @coitem = Coitem.find(params[:id])
   end
 
-  def new
-    @coitem = Coitem.new
-  end
-
-  def create
-    @coitem = Coitem.new(params[:coitem])
-    if @coitem.save
-      flash[:notice] = 'Coitem was successfully created.'
-      redirect_to :action => 'list'
-    else
-      render :action => 'new'
-    end
-  end
+  # We should never create new checked out items via the web interface, so remove
+  # the new and create methods.
 
   def edit
     @coitem = Coitem.find(params[:id])
@@ -44,14 +38,46 @@ class CoitemController < ApplicationController
     end
   end
 
-  def destroy
-    Coitem.find(params[:id]).destroy
-    redirect_to :action => 'list'
-  end
+  # We should never delete a checked out item directly via the web interface, so
+  # remove the destroy method.
 
   # Awesome, paginating overdue list, ordered by customer
   def overdue
-    @coitem_pages, @coitems = paginate :coitems, :per_page => 50, :conditions => "due_date < DATE('NOW', 'LOCALTIME')", :order => "customer_id"
-    render :action => 'list'
+    @coitem_pages, @coitems = paginate :coitems, :per_page => 50, :conditions => ["due_date < ?", Time.now.to_date], :order => "customer_id"
+    render :action => 'overdue'
+  end
+
+  def return
+    if request.post?
+      rentable_id = params[:rentable_id]
+      @rentable = Rentable.find_by_id(rentable_id)
+
+      if @rentable.nil?
+        flash[:notice] = "Unable to find this rentable"
+        redirect_to :action => :return
+        return
+      end
+
+      @coitem = Coitem.find_by_rentable_id(rentable_id)
+      if @coitem.nil?
+        flash[:notice] = "This item is not checked out!"
+        redirect_to :action => :return
+        return
+      end
+
+      # Check if the item is overdue
+      if @coitem.overdue?
+        @coitem.customer.debt += @coitem.late_fee
+        @coitem.customer.save
+      end
+
+      # Delete the row
+      @coitem.destroy
+
+      flash[:notice] = "Successfully returned item"
+      redirect_to :action => :return, :method => :get
+    else
+      render :action => 'return'
+    end
   end
 end