# GET /comics/1
# GET /comics/1.json
def show
- @comic = Comic.show(params[:id])
+ @comic = Comic.show(params[:id], @author)
respond_to do |format|
- raise ActiveRecord::Forbidden unless @comic.visible?(@author)
format.html # show.html.erb
- format.json { render json: @comic.to_json(Comic.show_json_opt) }
+ format.json { render json: @comic.to_json(Comic.show_json_include_opt) }
end
end
# GET /comics/1/edit
# GET /comics/1.js/edit
def edit
- @comic = Comic.find(params[:id])
+ @comic = Comic.show(params[:id], @author)
@comic.supply_default
respond_to do |format|
- raise ActiveRecord::Forbidden unless @comic.own?(@author)
format.html
format.js
end
respond_to do |format|
if @comic.save
format.html { redirect_to @comic, notice: 'Comic was successfully created.' }
- format.json { render json: Comic.show(@comic.id).to_json(Comic.show_json_opt), status: :created, location: @comic }
+ format.json { render json: Comic.show(@comic.id, @author).to_json(Comic.show_json_include_opt), status: :created, location: @comic }
else
format.html { render action: "new" }
format.json { render json: @comic.errors, status: :unprocessable_entity }
# PUT /comics/1.json
def update
params[:comic].merge! author_id: @author.id
- @comic = Comic.find(params[:id])
+ @comic = Comic.show(params[:id], @author)
respond_to do |format|
raise ActiveRecord::Forbidden unless @comic.own?(@author)
if @comic.update_attributes(params[:comic])