Api Addresses

Api for create, update, delete, list and show Addresses

app/controllers/api/v1/addresses_controller.rb

@@ -0,0 +1,85 @@
+module Api
+  module V1
+    class AddressesController < ApplicationController
+      skip_before_action :verify_authenticity_token
+      before_action :authenticate_api_user
+      before_action :authorize_api_user
+      before_action :set_address, only: [:show, :update, :destroy]
+
+      # GET /api/v1/addresses
+      def index
+        addresses = Address.includes(:country, :geo_state).all
+        render json: addresses.as_json(include: {
+          country: { only: [:id, :name] },
+          geo_state: { only: [:id, :name] }
+        }), status: :ok
+      end
+
+      # GET /api/v1/addresses/:id
+      def show
+        render json: @address.as_json(include: {
+          country: { only: [:id, :name] },
+          geo_state: { only: [:id, :name] }
+        }), status: :ok
+      end
+
+      # POST /api/v1/addresses
+      def create
+        address = Address.new(address_params)
+        if address.save
+          render json: address.as_json(include: {
+            country: { only: [:id, :name] },
+            geo_state: { only: [:id, :name] }
+          }), status: :created
+        else
+          render json: { errors: address.errors.full_messages }, status: :unprocessable_entity
+        end
+      end
+
+      # PUT /api/v1/addresses/:id
+      def update
+        if @address.update(address_params)
+          render json: @address.as_json(include: {
+            country: { only: [:id, :name] },
+            geo_state: { only: [:id, :name] }
+          }), status: :ok
+        else
+          render json: { errors: @address.errors.full_messages }, status: :unprocessable_entity
+        end
+      end
+
+      # DELETE /api/v1/addresses/:id
+      def destroy
+        @address.destroy
+        head :no_content
+      end
+
+      private
+
+      def authenticate_api_user
+        authenticate_or_request_with_http_basic do |username, password|
+          @current_api_user = ApiUser.find_by(username: username)&.authenticate(password)
+        end
+      end
+
+      def authorize_api_user
+        unless @current_api_user&.api_permissions&.exists?(endpoint_name: 'addresses')
+          render json: { error: 'Forbidden' }, status: :forbidden
+        end
+      end
+
+      def set_address
+        @address = Address.find(params[:id])
+      rescue ActiveRecord::RecordNotFound
+        render json: { error: 'Address not found' }, status: :not_found
+      end
+
+      def address_params
+        params.require(:address).permit(
+          :street_address, :city, :state_id, :postal_code,
+          :country_id, :geo_lat, :geo_long, :geo_labelx, :geo_labely
+        )
+      end
+    end
+  end
+end

app/models/address.rb

@@ -3,7 +3,19 @@ class Address < ApplicationRecord
   belongs_to :geo_state, optional: true, foreign_key: 'state_id'
 
   validates :street_address, :country_id, :geo_lat, :geo_long, presence: true
+  validates :geo_lat, :geo_long, :geo_labelx, :geo_labely, numericality: true
+  validates :state_id, presence: true, if: -> { GeoState.exists?(state_id) }
+  validate :state_must_exist
+  validate :country_must_exist
 
   has_many :divisions
   has_many :organizations
+
+  def state_must_exist
+    errors.add(:state_id, "must exist as a GeoState") unless GeoState.exists?(state_id)
+  end
+
+  def country_must_exist
+    errors.add(:country_id, "must exist as a Country") unless Country.exists?(country_id)
+  end
 end

config/routes.rb

@@ -14,6 +14,7 @@
     namespace :v1 do
       resources :divisions, only: [:index]
       resources :loans, only: [:index]
+      resources :addresses
     end
   end