class Muck::CommentsController < ApplicationController unloadable before_filter :get_parent, :only => [:create] before_filter :get_comment, :only => [:destroy] def create @comment = @parent.comments.build(params[:comment]) @comment.user = current_user @comment.save! respond_to do |format| format.html do redirect_back_or_default(@parent) end format.json { render :json => { :success => true, :comment => @comment } } end rescue ActiveRecord::RecordInvalid => ex if @comment @errors = @comment.errors.full_messages.to_sentence else @errors = ex end message = t('muck.comments.create_error', :errors => @errors) respond_to do |format| format.html do flash[:error] = message redirect_back_or_default(@parent) end format.json { render :json => { :success => false, :message => message, :errors => @errors } } end end def destroy @comment.destroy respond_to do |format| format.html do flash[:notice] = t('muck.comments.comment_removed') redirect_back_or_default(current_user) end format.json { render :json => { :success => true, :message => t("muck.comments.comment_removed"), :comment_id => @comment.id } } end end protected def get_parent if !params[:parent_type] || !params[:parent_id] raise t('muck.comments.missing_parent_id_error') return end @klass = params[:parent_type].to_s.capitalize.constantize @parent = @klass.find(params[:parent_id]) unless has_permission_to_comment(current_user, @parent) permission_denied end end def get_comment @comment = Comment.find(params[:id]) unless @comment.can_edit?(current_user) respond_to do |format| format.html do flash[:notice] = I18n.t('muck.comments.cant_delete_comment') redirect_back_or_default current_user end format.js { render(:update){|page| page.alert I18n.t('muck.comments.cant_delete_comment')}} end end end def has_permission_to_comment(user, parent) parent.can_comment?(user) end end