Merge pull request 'Allow updating the status of guests from unauthenticated sessions' (#280) from guest-update-from-invitation into main

Reviewed-on: #280
2025-06-12 21:26:00 +00:00 · 2025-06-12 21:26:00 +00:00 · f02a6b6a3d
commit f02a6b6a3d
parent 9e9ee0c995 efb5cf64f5
2 changed files with 5 additions and 2 deletions
--- a/app/controllers/guests_controller.rb
+++ b/app/controllers/guests_controller.rb
@ -6,6 +6,9 @@ require 'csv'
 class GuestsController < ApplicationController
  GUEST_PARAMS = { only: %i[id name status], include: { group: { only: %i[id name] } } }.freeze
  skip_before_action :authenticate_user!, only: :update
  def index
    render json: Guest.includes(:group)
                      .left_joins(:group)
@ -31,6 +34,6 @@ class GuestsController < ApplicationController
  private
  def guest_params
-    params.expect(guest: %i[name group_id status])
+    user_signed_in? ? params.expect(guest: %i[name group_id status]) : params.expect(guest: %i[status])
  end
 end
--- a/app/controllers/invitations_controller.rb
+++ b/app/controllers/invitations_controller.rb
@ -20,7 +20,7 @@ class InvitationsController < ApplicationController
    invitation = Invitation.includes(:guests).find(params[:id])
    if invitation
-      render json: invitation, only: :id, include: { guests: { only: %i[id name] } }, status: :ok
+      render json: invitation, only: :id, include: { guests: { only: %i[id name status] } }, status: :ok
    else
      render json: { error: 'Invitation not found' }, status: :not_found
    end