Sha256: dd24a83d1282039c1f8110c25800374e3f08d81167355707075b8a91bb2522d4
Contents?: true
Size: 1.05 KB
Versions: 1
Compression:
Stored size: 1.05 KB
Contents
class WcmsComponents::PeopleController < ApplicationController
skip_after_action :verify_authorized
skip_after_action :verify_policy_scoped
def index
# For security reasons, this should only be available to employees.
if current_user.admin? || current_user.has_role?(:employee)
if params[:q].present?
@people = permitted_people.custom_search(params[:q]).asc(:first_name, :last_name).limit(20)
else
# If no query string is present, return all faculty for pre-cached data.
@people = permitted_people.where(affiliations: 'faculty').custom_search(params[:q]).asc(:first_name, :last_name)
end
render json: @people.map{|p| {id: p.id.to_s, name: p.name, email: p.biola_email, affiliations: p.affiliations.to_a.join(', '), image: p.profile_photo_url} }.to_json
else
user_not_authorized
end
end
private
def permitted_people
# Return all people who are either employees or not private.
Person.where({'$or' => [{affiliations: ['employee'] }, {privacy: { '$ne' => true }}] })
end
end
Version data entries
1 entries across 1 versions & 1 rubygems
| Version | Path |
|---|---|
| biola_wcms_components-0.1.0 | app/controllers/wcms_components/people_controller.rb |