1 files changed, 91 insertions, 0 deletions

diff --git a/app/controllers/api/rows_controller.rb b/app/controllers/api/rows_controller.rb
new file mode 100644
index 0000000..6e815eb
--- /dev/null
+++ b/app/controllers/api/rows_controller.rb
@@ -0,0 +1,91 @@
+class Api::RowsController < ApplicationController
+  before_filter :check_remote_ip_address_whitelist
+
+  def index
+    @rows = Api::Row.all
+
+    respond_to do |format|
+      format.xml { render xml: @rows }
+    end
+  end
+
+  def show
+    if params[:user_name]
+      @row = Api::Row.find_by_user_name(params[:user_name])
+    else
+      @row = Api::Row.find(params[:id])
+    end
+
+    respond_to do |format|
+      format.xml { render xml: @row }
+    end
+  end
+
+  def new
+    @row = Api::Row.new
+
+    respond_to do |format|
+      format.xml { render xml: @row }
+    end
+  end
+
+  def edit
+    if params[:user_name]
+      @row = Api::Row.find_by_user_name(params[:user_name])
+    else
+      @row = Api::Row.find(params[:id])
+    end
+  end
+
+  def create
+    @row = Api::Row.new(params[:row])
+
+    respond_to do |format|
+      if @row.save
+        @row.create_a_new_gemeinschaft_user
+
+        format.xml { render xml: @row, status: :created, location: @row }
+      else
+        format.xml { render xml: @row.errors, status: :unprocessable_entity }
+      end
+    end
+  end
+
+  def update
+    if params[:user_name]
+      @row = Api::Row.find_by_user_name(params[:user_name])
+    else
+      @row = Api::Row.find(params[:id])
+    end
+
+    respond_to do |format|
+      if @row.update_attributes(params[:row])
+        @row.update_user_data
+        format.xml { head :no_content }
+      else
+        format.xml { render xml: @row.errors, status: :unprocessable_entity }
+      end
+    end
+  end
+
+  def destroy
+    if params[:user_name]
+      @row = Api::Row.find_by_user_name(params[:user_name])
+    else
+      @row = Api::Row.find(params[:id])
+    end
+    @row.destroy
+
+    respond_to do |format|
+      format.xml { head :no_content }
+    end
+  end
+
+  private
+
+  def check_remote_ip_address_whitelist
+    if !(REMOTE_IP_ADDRESS_WHITELIST.empty? or REMOTE_IP_ADDRESS_WHITELIST.include?(ENV['REMOTE_ADDR']))
+      redirect_to root_url
+    end
+  end
+end