X-Git-Url: https://irasnyder.com/gitweb/?a=blobdiff_plain;f=app%2Fcontrollers%2Fcoitem_controller.rb;h=ef8ea7c074cc3779f6c1b420e864bce42886ad58;hb=32e35e775c982b99b462c43430fa6701654792a8;hp=a524f059b90b1e5c547ef2181ffdc7529671a254;hpb=70d3675bba6ee586e1010a915e36758d2bab3637;p=cs356-p2-videostore.git diff --git a/app/controllers/coitem_controller.rb b/app/controllers/coitem_controller.rb index a524f05..ef8ea7c 100644 --- a/app/controllers/coitem_controller.rb +++ b/app/controllers/coitem_controller.rb @@ -1,7 +1,12 @@ class CoitemController < ApplicationController + layout "admin" + + # Make sure that the user has logged in before they can take any + # action on checked out items + before_filter :authorize + def index - list - render :action => 'list' + render :action => 'index' end # GETs should be safe (see http://www.w3.org/2001/tag/doc/whenToUseGet.html) @@ -16,19 +21,8 @@ class CoitemController < ApplicationController @coitem = Coitem.find(params[:id]) end - def new - @coitem = Coitem.new - end - - def create - @coitem = Coitem.new(params[:coitem]) - if @coitem.save - flash[:notice] = 'Coitem was successfully created.' - redirect_to :action => 'list' - else - render :action => 'new' - end - end + # We should never create new checked out items via the web interface, so remove + # the new and create methods. def edit @coitem = Coitem.find(params[:id]) @@ -44,48 +38,46 @@ class CoitemController < ApplicationController end end - def destroy - Coitem.find(params[:id]).destroy - redirect_to :action => 'list' - end + # We should never delete a checked out item directly via the web interface, so + # remove the destroy method. # Awesome, paginating overdue list, ordered by customer def overdue - @coitem_pages, @coitems = paginate :coitems, :per_page => 50, :conditions => "due_date < DATE('NOW', 'LOCALTIME')", :order => "customer_id" - render :action => 'list' + @coitem_pages, @coitems = paginate :coitems, :per_page => 50, :conditions => ["due_date < ?", Time.now.to_date], :order => "customer_id" + render :action => 'overdue' end def return - render :action => 'return' - end - - def return_validate - rentable_id = params[:rentable_id] - @rentable = Rentable.find_by_id(rentable_id) - - if @rentable.nil? - flash[:error] = "Unable to find this rentable" - redirect_to :action => :return - return - end - - @coitem = Coitem.find_by_rentable_id(rentable_id) - if @coitem.nil? - flash[:error] = "This item is not checked out!" - redirect_to :action => :return - return - end - - # Check if the item is overdue - if @coitem.overdue? - @coitem.customer.debt += @coitem.late_fee - @coitem.customer.save + if request.post? + rentable_id = params[:rentable_id] + @rentable = Rentable.find_by_id(rentable_id) + + if @rentable.nil? + flash[:notice] = "Unable to find this rentable" + redirect_to :action => :return + return + end + + @coitem = Coitem.find_by_rentable_id(rentable_id) + if @coitem.nil? + flash[:notice] = "This item is not checked out!" + redirect_to :action => :return + return + end + + # Check if the item is overdue + if @coitem.overdue? + @coitem.customer.debt += @coitem.late_fee + @coitem.customer.save + end + + # Delete the row + @coitem.destroy + + flash[:notice] = "Successfully returned item" + redirect_to :action => :return, :method => :get + else + render :action => 'return' end - - # Delete the row - @coitem.destroy - - flash[:notice] = "Successfully returned item" - redirect_to :action => :return end end