engine/app/controllers/locomotive/public/content_entries_controller.rb

module Locomotive
  module Public
    class ContentEntriesController < BaseController

      before_filter :set_content_type

      before_filter :sanitize_entry_params, :only => :create

      skip_before_filter :verify_authenticity_token

      self.responder = Locomotive::ActionController::PublicResponder # custom responder

      respond_to :html, :json

      def create
        @entry = @content_type.entries.create(params[:entry])
        flash[@content_type.slug.singularize] = @entry.to_presenter(:include_errors => true).as_json
        respond_with @entry, :location => self.callback_url
      end

      protected

      def set_content_type
        @content_type = current_site.content_types.where(:slug => params[:slug]).first

        # check if ability to receive public submissions
        unless @content_type.public_submission_enabled?
          respond_to do |format|
            format.json { render :json => { :error => 'Public submissions not accepted' }, :status => :forbidden }
            format.html { render :text => 'Public submissions not accepted', :status => :forbidden }
          end
          return false
        end
      end

      def callback_url
        @entry.errors.empty? ? params[:success_callback] : params[:error_callback]
      end

      def sanitize_entry_params
        entry_params = params[:entry] || params[:content] || {}
        entry_params.each do |key, value|
          next unless value.is_a?(String)
          entry_params[key] = Sanitize.clean(value, Sanitize::Config::BASIC)
        end
      end

    end
  end
end
refactor and clean code (wip) + the api controller has been deleted and replace by the entry_submission_controller (+ custom responder) 2012-01-09 14:49:59 +00:00			`module Locomotive`
			`module Public`
			`class ContentEntriesController < BaseController`

			`before_filter :set_content_type`

			`before_filter :sanitize_entry_params, :only => :create`

			`skip_before_filter :verify_authenticity_token`

			`self.responder = Locomotive::ActionController::PublicResponder # custom responder`

			`respond_to :html, :json`

			`def create`
			`@entry = @content_type.entries.create(params[:entry])`
			`flash[@content_type.slug.singularize] = @entry.to_presenter(:include_errors => true).as_json`
			`respond_with @entry, :location => self.callback_url`
			`end`

			`protected`

			`def set_content_type`
			`@content_type = current_site.content_types.where(:slug => params[:slug]).first`

			`# check if ability to receive public submissions`
			`unless @content_type.public_submission_enabled?`
			`respond_to do \|format\|`
			`format.json { render :json => { :error => 'Public submissions not accepted' }, :status => :forbidden }`
			`format.html { render :text => 'Public submissions not accepted', :status => :forbidden }`
			`end`
			`return false`
			`end`
			`end`

			`def callback_url`
			`@entry.errors.empty? ? params[:success_callback] : params[:error_callback]`
			`end`

			`def sanitize_entry_params`
			`entry_params = params[:entry] \|\| params[:content] \|\| {}`
			`entry_params.each do \|key, value\|`
			`next unless value.is_a?(String)`
			`entry_params[key] = Sanitize.clean(value, Sanitize::Config::BASIC)`
			`end`
			`end`

			`end`
			`end`
			`end`