diff options
author | Robin Houston <robin.houston@gmail.com> | 2012-05-24 12:57:00 +0100 |
---|---|---|
committer | Robin Houston <robin.houston@gmail.com> | 2012-06-06 19:34:57 +0100 |
commit | 87098bd183fcf59ba038f1cebef68356e6d57ed5 (patch) | |
tree | 5f51b9c3b4cc26da908124d2b5fb84159dd73b2f /app/controllers/api_controller.rb | |
parent | 3a7317ea1aaf8e4f9b435299938679a5635783ff (diff) |
Authenticated API
An authenticated API for public bodies. So far just one method
is implemented, which gives the details of a request in JSON
format.
Diffstat (limited to 'app/controllers/api_controller.rb')
-rw-r--r-- | app/controllers/api_controller.rb | 46 |
1 files changed, 46 insertions, 0 deletions
diff --git a/app/controllers/api_controller.rb b/app/controllers/api_controller.rb new file mode 100644 index 000000000..538dade3f --- /dev/null +++ b/app/controllers/api_controller.rb @@ -0,0 +1,46 @@ +class ApiController < ApplicationController + before_filter :check_api_key + + def create_request + + end + + def show_request + @request = InfoRequest.find(params[:id]) + raise PermissionDenied if @request.public_body_id != @public_body.id + + @request_data = { + :id => @request.id, + :url => make_url("request", @request.url_title), + :title => @request.title, + + :created_at => @request.created_at, + :updated_at => @request.updated_at, + + :status => @request.calculate_status, + + :public_body_url => make_url("body", @request.public_body.url_name), + :requestor_url => make_url("user", @request.user.url_name), + :request_email => @request.incoming_email, + + :request_text => @request.last_event_forming_initial_request.outgoing_message.body, + } + + render :json => @request_data + end + + def add_correspondence + + end + + protected + def check_api_key + @public_body = PublicBody.find_by_api_key(params[:k].gsub(' ', '+')) + raise PermissionDenied if @public_body.nil? + end + + private + def make_url(*args) + "http://" + MySociety::Config.get("DOMAIN", '127.0.0.1:3000') + "/" + args.join("/") + end +end |