followings_controller.rb in federails-0.3.0

- old
+ new

@@ -1,9 +1,10 @@
 module Federails
   module Client
-    class FollowingsController < Federails::ApplicationController
+    class FollowingsController < Federails::ClientController
       before_action :authenticate_user!
+      before_action :skip_authorization, only: [:new, :create]
       before_action :set_following, only: [:accept, :destroy]
 
       # GET /app/followings/new?uri={uri}
       def new
         # Find actor (and fetch if necessary)
@@ -38,12 +39,13 @@
       end
 
       # POST /app/followings/follow
       # POST /app/followings/follow.json
       def follow
+        authorize Federails::Following, policy_class: Federails::Client::FollowingPolicy
+
         begin
           @following = Following.new_from_account following_account_params, actor: current_user.actor
-          authorize @following, policy_class: Federails::Client::FollowingPolicy
         rescue ::ActiveRecord::RecordNotFound
           # Renders a 422 instead of a 404
           respond_to do |format|
             format.html { redirect_to federails.client_actors_url, alert: I18n.t('controller.followings.follow.error') }
             format.json { render json: { target_actor: ['does not exist'] }, status: :unprocessable_entity }