mirror of
https://github.com/openfoodfoundation/openfoodnetwork
synced 2026-01-24 20:36:49 +00:00
44 lines
1.3 KiB
Ruby
44 lines
1.3 KiB
Ruby
module Spree
|
|
module Admin
|
|
class SearchController < Spree::Admin::BaseController
|
|
# http://spreecommerce.com/blog/2010/11/02/json-hijacking-vulnerability/
|
|
before_filter :check_json_authenticity, only: :index
|
|
respond_to :json
|
|
|
|
def known_users
|
|
@users = if exact_match = Spree.user_class.find_by_email(params[:q])
|
|
[exact_match]
|
|
else
|
|
spree_current_user.known_users.ransack(ransack_hash).result.limit(10)
|
|
end
|
|
|
|
render json: @users, each_serializer: ::Api::Admin::UserSerializer
|
|
end
|
|
|
|
def customers
|
|
@customers = []
|
|
if spree_current_user.enterprises.pluck(:id).include? params[:distributor_id].to_i
|
|
@customers = Customer.
|
|
ransack(m: 'or', email_start: params[:q], name_start: params[:q]).
|
|
result.
|
|
where(enterprise_id: params[:distributor_id])
|
|
end
|
|
render json: @customers, each_serializer: ::Api::Admin::CustomerSerializer
|
|
end
|
|
|
|
private
|
|
|
|
def ransack_hash
|
|
{
|
|
m: 'or',
|
|
email_start: params[:q],
|
|
ship_address_firstname_start: params[:q],
|
|
ship_address_lastname_start: params[:q],
|
|
bill_address_firstname_start: params[:q],
|
|
bill_address_lastname_start: params[:q]
|
|
}
|
|
end
|
|
end
|
|
end
|
|
end
|