2025-06-12 21:26:01 +00:00
2 changed files with 5 additions and 2 deletions
--- a/app/controllers/guests_controller.rb
+++ b/app/controllers/guests_controller.rb
@ -6,6 +6,9 @@ require 'csv'

 class GuestsController < ApplicationController
  GUEST_PARAMS = { only: %i[id name status], include: { group: { only: %i[id name] } } }.freeze
+
+  skip_before_action :authenticate_user!, only: :update
+
  def index
    render json: Guest.includes(:group)
                      .left_joins(:group)
@ -31,6 +34,6 @@ class GuestsController < ApplicationController
  private

  def guest_params
-    params.expect(guest: %i[name group_id status])
+    user_signed_in? ? params.expect(guest: %i[name group_id status]) : params.expect(guest: %i[status])
  end
 end
--- a/app/controllers/invitations_controller.rb
+++ b/app/controllers/invitations_controller.rb
@ -20,7 +20,7 @@ class InvitationsController < ApplicationController
    invitation = Invitation.includes(:guests).find(params[:id])

    if invitation
-      render json: invitation, only: :id, include: { guests: { only: %i[id name] } }, status: :ok
+      render json: invitation, only: :id, include: { guests: { only: %i[id name status] } }, status: :ok
    else
      render json: { error: 'Invitation not found' }, status: :not_found
    end