...
 
Commits (2)
......@@ -53,6 +53,7 @@ module Api
mount V1::Domains
mount V1::Settings
mount V1::Scraps
mount V1::UploadedFiles
# hook point which allow plugins to add Grape::API extensions to Api::App
# finds for plugins which has api mount points classes defined (the class should extends Grape::API)
......
......@@ -37,7 +37,7 @@ module Api
end
def set_current_user
private_token = (params[PRIVATE_TOKEN_PARAM] || headers["Private-Token"]).to_s
private_token = (params[PRIVATE_TOKEN_PARAM] || headers["Private-Token"] || headers["Authorization"]).to_s
@current_user ||= User.where(private_token: private_token).includes(:person).first unless private_token.blank?
@current_user ||= plugins.dispatch("api_custom_login", request).first
@current_user = session.user if @current_user.blank? && session.present?
......
module Api
module V1
class UploadedFiles < Grape::API::Instance
resource :profiles do
segment "/:id" do
resource :uploaded_files do
post do
authenticate!
profile = environment.profiles.visible.find(params[:id])
return forbidden! unless current_person.can_post_content?(profile)
data = {
uploaded_data: params[:file],
profile: profile,
author: current_person,
}
article = UploadedFile.new(data)
begin
article.save!
present_partial article, with: Entities::Article
rescue ActiveRecord::RecordInvalid
render_model_errors!(article.errors)
end
end
end
end
end
end
end
end