# Copyright (C) 2012-2014 Zammad Foundation, http://zammad-foundation.org/ class TaskbarController < ApplicationController before_filter :authentication_check def index current_user_tasks = Taskbar.where( :user_id => current_user.id ) model_index_render_result(current_user_tasks) end def show taskbar = Taskbar.find( params[:id] ) return if !access(taskbar) model_show_render_item(taskbar) end def create model_create_render(Taskbar,params) end def update taskbar = Taskbar.find( params[:id] ) return if !access(taskbar) taskbar.update_attributes!( Taskbar.param_cleanup(params) ) model_update_render_item(taskbar) end def destroy taskbar = Taskbar.find( params[:id] ) return if !access(taskbar) taskbar.destroy model_destory_render_item() end private def access(taskbar) if taskbar.user_id != current_user.id render :json => { :error => 'Not allowed to access this task.' }, :status => :unprocessable_entity return false end return true end end