Finished setting owner for tournamenr and protecting paths

2026-03-25 01:14:43 +00:00 · 2015-10-26 16:31:45 -04:00
parent ad9ea9dc42
commit d18e729012
16 changed files with 109 additions and 86 deletions
--- a/app/controllers/matches_controller.rb
+++ b/app/controllers/matches_controller.rb
@@ -1,6 +1,6 @@
 class MatchesController < ApplicationController
  before_action :set_match, only: [:show, :edit, :update, :destroy]
-
+  before_action :check_access, only: [:edit,:update]
  # GET /matches
  # GET /matches.json
  def index
@@ -22,10 +22,6 @@ class MatchesController < ApplicationController
    if params[:match]
      @match = Match.find (params[:match])
    end
-    if current_user == @match.tournament.user
-    else
-      redirect_to root_path
-    end
    if @match
      @w1 = Wrestler.find(@match.w1)
      @w2 = Wrestler.find(@match.w2)
@@ -35,10 +31,6 @@ class MatchesController < ApplicationController
  # POST /matches
  # POST /matches.json
  def create
-    if user_signed_in?
-    else
-      redirect_to root_path
-    end
    @match = Match.new(match_params)

    respond_to do |format|
@@ -55,10 +47,6 @@ class MatchesController < ApplicationController
  # PATCH/PUT /matches/1
  # PATCH/PUT /matches/1.json
  def update
-    if current_user == @match.tournament.user
-    else
-      redirect_to root_path
-    end
    respond_to do |format|
      if @match.update(match_params)
        format.html { redirect_to root_path, notice: 'Match was successfully updated.' }
@@ -94,4 +82,10 @@ class MatchesController < ApplicationController
    def match_params
      params.require(:match).permit(:w1, :w2, :g_stat, :r_stat, :winner_id, :win_type, :score, :finished)
    end
+
+    def check_access
+	if current_user != @match.tournament.user
+	  redirect_to root_path
+        end
+    end
 end