function POST(request){ var unit = new Unit(); unit.userId = users.getCurrentUser().userId; var form = new Form(request.postParams, {instance: unit}); try{ form.put(); }catch (errors){ return {json: {errors: errors}}; } return Response.created(unit.uri()); }
function DELETE(request){ var unit = Unit.get(request.pathInfo); if(!unit){ return Response.notFound(); } if(!allowedUser(unit.userId)){ return Response.unauthorized(); } unit.remove(); return Response.ok(); }
function PUT(request){ var unit = Unit.get(request.pathInfo); if(!unit){ return Response.notFound(); } if(!allowedUser(unit.userId)){ return Response.unauthorized(); } var form = new Form(request.postParams, {instance: unit}); try{ form.put(); }catch (errors){ return {json: {errors: errors}}; } return {json: {uri: unit.uri()}}; }