class PinsController < ApplicationController before_action :set_pin, only: [:s

1. class PinsController < ApplicationController
2. before_action :set_pin, only: [:show, :edit, :update, :destroy]
3. before_action :correct_user, only: [:edit, :update, :destroy]
4. before_action :authenticate_user!, except: [:index, :show]
5.  
6. respond_to :html
7.  
8. def index
9. @pins = Pin.all.order("created_at DESC").paginate(:page => params[:page], :per_page => 8)
10. respond_with(@pins)
11. end
12.  
13. def show
14. respond_with(@pin)
15. end
16.  
17. def new
18. @pin = current_user.pins.build
19. respond_with(@pin)
20. end
21.  
22. def edit
23. end
24.  
25. def create
26. @pin = current_user.pins.build(pin_params)
27. if @pin.save
28. redirect_to @pin, notice: "Pin was successfully created."
29. else
30. render action: "new"
31. end
32. end
33.  
34. def update
35. if @pin.update(pin_params)
36. redirect_to @pin, notice: "Pin was successfully updated."
37. else
38. render action: "edit"
39. end
40. end
41.  
42. def destroy
43. @pin.destroy
44. respond_with(@pin)
45. end
46.  
47. def upvote
48. @pin = Pin.find(params[:id])
49. @pin.upvote_by current_user
50. redirect_to :back
51. end
52.  
53. def downvote
54. @pin = Pin.find(params[:id])
55. @pin.downvote_from current_user
56. redirect_to :back
57. end
58.  
59. private
60. def set_pin
61. @pin = Pin.friendly.find(params[:id])
62. end
63.  
64. def correct_user
65. @pin = current_user.pins.find_by(id: params[:id])
66. redirect_to pins_path, notice: "Not authorized to edit this pin" if @pin.nil?
67. end
68.  
69. def pin_params
70. params.require(:pin).permit(:description, :image)
71. end
72. end