48 lines
1.2 KiB
Ruby
48 lines
1.2 KiB
Ruby
class CommentsController < ApplicationController
|
|
layout false
|
|
|
|
def index
|
|
@post = Post.find( params[:blog_id] )
|
|
res = @post.comments.desc(:created_at).collect { |comment| build_json(comment) }
|
|
render :json => res
|
|
end
|
|
|
|
def create
|
|
unless request.xhr?
|
|
logger.warn "attack action detected: #{params.to_h}"
|
|
redirect_to root_path
|
|
return
|
|
end
|
|
cookies[:name] = comment_params[:name]
|
|
cookies[:email] = comment_params[:email]
|
|
@post = Post.find( params[:blog_id] )
|
|
@comment = @post.comments.build(comment_params)
|
|
|
|
if @comment.save
|
|
@comments = @post.comments.order(created_at: :desc)
|
|
ActionCable.server.broadcast "comment_post_#{@comment.post.id}", { not: cookies[:cable_id] }
|
|
render :create_ok
|
|
else
|
|
render :create_fail
|
|
end
|
|
end
|
|
|
|
def refresh
|
|
@post = Post.find(params[:blog_id])
|
|
@comments = @post.comments.order(created_at: :desc)
|
|
end
|
|
|
|
private
|
|
def comment_params
|
|
params.require(:comment).permit(:content, :name, :email)
|
|
end
|
|
|
|
def build_json(comment)
|
|
{
|
|
content: comment.content,
|
|
name: comment.name,
|
|
'created_at' => format_time(comment.created_at)
|
|
}
|
|
end
|
|
end
|