@aponcz
Created March 27, 2017 21:57
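module API
  module V1
    # Raised for malformed or rejected requests; rendered as HTTP 400.
    class InvalidRequestError < StandardError; end

    # Rendered as HTTP 422 (:unprocessable_entity).
    class UnprocessableEntityError < StandardError; end

    # Raised when API-key authentication fails; rendered as HTTP 401.
    class Unauthorized < StandardError; end

    # Base controller for the V1 JSON API: maps the API error classes to JSON
    # responses and provides API-key authentication for subclasses.
    #
    # Authentication is opt-in: this class does not register
    # authenticate_user_from_token! as a filter, so each subclass has to add it
    # with before_filter for the actions that need it.
    class APIController < ApplicationController
      respond_to :json

      # Catch-all, declared first. Rails searches rescue_from handlers from the
      # last declared to the first, so the specific handlers below take priority.
      # It is not registered in development and test, where errors propagate.
      rescue_from StandardError, with: :render_server_error unless Rails.env.development? || Rails.env.test?
      rescue_from API::V1::InvalidRequestError, with: :render_invalid_request
      rescue_from API::V1::UnprocessableEntityError, with: :render_unprocessable_entry
      rescue_from API::V1::Unauthorized, with: :render_unauthorized_error

      # The CSRF token check is skipped for every action in this hierarchy.
      # NOTE(review): that is only appropriate when actions authenticate with
      # the api_key and never with a session cookie. An action that forgets the
      # authentication filter runs with neither protection - confirm per subclass.
      skip_before_filter :verify_authenticity_token

      protected

      # @return [User, nil] the user set by authenticate_user_from_token!, or
      #   nil when that filter has not run or did not succeed
      def current_user
        @user
      end

      # Renders the exception message as a 400 response.
      def render_invalid_request(e)
        render json: { success: false, error: e.message }, status: 400
      end

      # Reports an unexpected exception to Airbrake and renders a generic 500.
      #
      # The exception message is deliberately not sent to the client: this
      # handler receives any StandardError, and such messages can carry SQL
      # fragments, file paths or other internals. The details go to Airbrake.
      def render_server_error(e)
        Airbrake.notify e
        render json: { success: false, errors: [{ error: 'Unexpected Server Error' }] }, status: 500
      end

      # Renders the exception message as a 422 response.
      def render_unprocessable_entry(e)
        render json: { success: false, error: e.message }, status: :unprocessable_entity
      end

      # Renders the exception message as a 401 response.
      def render_unauthorized_error(e)
        render json: { success: false, error: e.message }, status: 401
      end

      # Authenticates the request from params[:api_key] and sets @user.
      #
      # @raise [API::V1::Unauthorized] when the key is blank, is not a String,
      #   matches no active user, or the matched user is locked out
      #
      # NOTE(review): the key arrives as a request parameter, so it can end up
      # in request logs unless :api_key is listed in
      # Rails.application.config.filter_parameters - confirm.
      def authenticate_user_from_token!
        api_key = params[:api_key]
        raise API::V1::Unauthorized, "API key cannot be blank" unless api_key.present?
        # Nested params can be an Array or Hash, which would pass present? and
        # then be bound into the SQL below. Only a plain String is accepted.
        raise API::V1::Unauthorized, "API key invalid" unless api_key.is_a?(String)

        candidate = User.active.where("api_key = ?", api_key).first
        raise API::V1::Unauthorized, "API key invalid" unless candidate
        # NOTE(review): the message says "not confirmed" but the check is
        # locked_out? - confirm which state is meant.
        raise API::V1::Unauthorized, "User not confirmed" if candidate.locked_out?

        # Assigned only after every check, so current_user never exposes a
        # user that failed authentication.
        @user = candidate
      end
    end
  end
end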
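# V1 endpoint for sharing a product through one of the user's linked social
# accounts. The share itself is done by a background worker.
class API::V1::ProductsController < API::V1::APIController
  before_filter :authenticate_user_from_token!, only: [:share]

  # Validates the request and enqueues the share worker for the provider.
  #
  # Reads params[:provider], params[:message] and params[:product_id].
  # Validation failures raise API::V1::InvalidRequestError.
  def share
    validate_share_request

    worker = share_worker_for(params[:provider])
    # A provider can be in Authentication.permitted_providers without having a
    # share worker here. Reject it instead of answering 202 with nothing queued.
    raise API::V1::InvalidRequestError, 'Invalid provider parameter' unless worker

    Resque.enqueue(worker, @user.id, @product.id, params[:message])
    # NOTE(review): render with only a status still renders the action's
    # template - confirm one exists for share, or whether `head 202` was meant.
    render :status => 202
  end

  private

  # Maps a provider name to its share worker class; nil for any other value.
  def share_worker_for(provider)
    case provider
    when 'Facebook' then Social::Facebook::ShareProductWorker
    when 'Twitter' then Social::Twitter::ShareProductWorker
    end
  end

  # Checks every precondition for a share and sets @product.
  #
  # @raise [API::V1::InvalidRequestError] when the provider is not permitted,
  #   the message is missing or not a non-empty String, the product is not
  #   active, or the user has no usable Authentication for the provider
  def validate_share_request
    provider = params[:provider]
    message = params[:message]

    raise API::V1::InvalidRequestError, 'Invalid provider parameter' unless Authentication.permitted_providers.include?(provider)
    # Nested params can be an Array or Hash, which also respond to length. Only
    # a non-empty String may be passed on to the worker.
    # NOTE(review): no upper bound on message length is enforced here -
    # presumably the workers or providers cap it; confirm.
    raise API::V1::InvalidRequestError, 'Invalid message parameter' unless message.is_a?(String) && !message.empty?

    @product = Product.active.where(id: params[:product_id]).first
    raise API::V1::InvalidRequestError, 'Product does not exist' unless @product

    # The lookup is scoped to the authenticated user, so only that user's own
    # provider credentials can be used for the share.
    auth = Authentication.where(user: @user, provider: provider).first
    raise API::V1::InvalidRequestError, 'Authentication does not exist' unless auth
    raise API::V1::InvalidRequestError, 'Authentication invalid, please update Authentication' if auth.invalid_at

    # Facebook shares also need the 'publish_actions' permission on the stored
    # authentication.
    if provider == 'Facebook' && !auth.has_permission?('publish_actions')
      raise API::V1::InvalidRequestError, 'Social permission not granted'
    end
  end
end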