basic layout template

app/controllers/api/api_controller.rb

@@ -0,0 +1,14 @@
+class Api::ApiController < ActionController::API
+  include TokenVerification
+  helper_method :current_token
+
+  #this is base api base controller to need to inherit.
+  #all token authentication must be done here
+  #response format must be set to JSON
+  def current_token
+    authenticate_with_http_token do |token, options|
+      return token
+    end
+  end
+
+end

app/controllers/api/customers_controller.rb

@@ -0,0 +1,12 @@
+class Api::CustomersController < ActionController::API
+
+  #List all active customers by name
+  def index
+    @customers = Customer.order("name asc")
+  end
+
+  #Show customer by ID
+  def show
+    @customer = Customer.find_by(params[:id])
+  end
+end

app/controllers/api/restaurant/orders_controller.rb

@@ -0,0 +1,63 @@
+class Api::Restaurant::OrdersController < ActionController::API
+  #before :authenticate_token
+
+  #Description
+  # This API show current order details
+  # Input Params - order_id
+  def show
+      order = Order.find(params[:order_id])
+      order.order_items
+  end
+
+
+  # Description
+  # This API allow new order creation
+  # Input Params
+  # order_source [* default - emenu] | table_id | booking_id [table_booking_id & Room_booking_id] (*require for Dine-In) | order_type [* Default - Dine-in]
+  # | guest_info (optional) | customer_id (* Default assigned to WALK-IN)
+  # order_items {[item_code, item_instance_code , qty, option, variants]}
+  # Output Params
+  # Status [Success | Error | System Error] , order_id, error_message (*)
+  def create
+    # begin
+    @order = Order.new
+    @order.source = params[:order_source]
+    @order.order_type = params[:order_type]
+    @order.customer_id = params[:customer_id]
+    json_hash = params[:order_items]
+    @order.items = json_hash
+    @order.guest = params[:guest_info]
+    @order.table_id = params[:table_id]
+    @order.new_booking = true
+    @order.employee_name = "Test User"
+
+
+      #Create Table Booking or Room Booking
+      if !params["booking_id"].nil?
+        @order.new_booking = false
+        @order.booking_id = params[:booking_id]
+      end
+
+      @status = @order.generate
+    # rescue Exception => error
+    #   @status = false
+    #   @error_messages = "Exception has occurs on System"
+    #
+    #   logger.fatal("Exception Raise - " + error.message)
+    # end
+
+
+
+  end
+
+  # Description
+  # This API - allow order to add new items to existing orders, does not allow you to remove confirm items
+  # Update customer info, Guest Info
+  # Input Params
+  # order_id , order_items {[item_code, item_instance_code , qty, option, variants]}
+  def update
+
+  end
+
+
+end

app/controllers/api/restaurant/seatings_controller.rb

@@ -8,7 +8,7 @@ class Api::Restaurant::SeatingsController < ActionController::API
   # Output
   # status: {available, cleaning, occupied, reserved}, order_id : <current_order_id>
   def show
-
+    
   end
 
   #Input Params

app/controllers/application_controller.rb

@@ -1,3 +1,25 @@
 class ApplicationController < ActionController::Base
+  #before_action :check_installation
   protect_from_forgery with: :exception
+
+  helper_method :current_company
+
+  #this is base api base controller to need to inherit.
+  #all token authentication must be done here
+  #response format must be set to JSON
+  def current_company
+    begin
+     return Company.first
+    rescue
+      return nil
+    end
+
+  end
+
+  private
+  def check_installation
+    if current_company.nil?
+      redirect_to install_path
+    end
+  end
 end

app/controllers/base_controller.rb

@@ -0,0 +1,4 @@
+class BaseController < ActionController::Base
+  layout "installation"
+  protect_from_forgery with: :exception
+end

app/controllers/concerns/token_verification.rb

@@ -0,0 +1,36 @@
+module TokenVerification
+  extend ActiveSupport::Concern
+
+  included do
+    before_action :authenticate
+  end
+
+
+  protected
+  # Authenticate the user with token based authentication
+  def authenticate
+    authenticate_token || render_unauthorized
+  end
+
+  def authenticate_token
+    authenticate_with_http_token do |token, options|
+      #@current_user = User.find_by(api_key: token)
+      @device_access = DeviceAccess.find_by_token(token)
+      if @device_access
+        @log = DeviceAccessLog.new
+        @log.device_access = @device_access
+        @log.api_route = request.env['PATH_INFO']
+        @log.remote_ip = request.remote_ip
+        # @log.client_info =
+        @log.save
+      end
+
+    end
+  end
+
+  def render_unauthorized(realm = "Application")
+    self.headers["WWW-Authenticate"] = %(Token realm="#{realm.gsub(/"/, "")}")
+    render json: 'Bad credentials', status: :unauthorized
+  end
+
+end

app/controllers/install_controller.rb

@@ -0,0 +1,8 @@
+class InstallController < BaseController
+
+  def index
+  end
+
+  def create
+  end
+end

app/controllers/settings/employees_controller.rb

@@ -0,0 +1,74 @@
+class Settings::EmployeesController < ApplicationController
+  before_action :set_employee, only: [:show, :edit, :update, :destroy]
+
+  # GET /employees
+  # GET /employees.json
+  def index
+    @employees = Employee.all
+  end
+
+  # GET /employees/1
+  # GET /employees/1.json
+  def show
+  end
+
+  # GET /employees/new
+  def new
+    @employee = Employee.new
+  end
+
+  # GET /employees/1/edit
+  def edit
+  end
+
+  # POST /employees
+  # POST /employees.json
+  def create
+    @employee = Employee.new(employee_params)
+
+    respond_to do |format|
+      if @employee.save
+        format.html { redirect_to @employee, notice: 'Employee was successfully created.' }
+        format.json { render :show, status: :created, location: @employee }
+      else
+        format.html { render :new }
+        format.json { render json: @employee.errors, status: :unprocessable_entity }
+      end
+    end
+  end
+
+  # PATCH/PUT /employees/1
+  # PATCH/PUT /employees/1.json
+  def update
+    respond_to do |format|
+      if @employee.update(employee_params)
+        format.html { redirect_to @employee, notice: 'Employee was successfully updated.' }
+        format.json { render :show, status: :ok, location: @employee }
+      else
+        format.html { render :edit }
+        format.json { render json: @employee.errors, status: :unprocessable_entity }
+      end
+    end
+  end
+
+  # DELETE /employees/1
+  # DELETE /employees/1.json
+  def destroy
+    @employee.destroy
+    respond_to do |format|
+      format.html { redirect_to employees_url, notice: 'Employee was successfully destroyed.' }
+      format.json { head :no_content }
+    end
+  end
+
+  private
+    # Use callbacks to share common setup or constraints between actions.
+    def set_employee
+      @employee = Employee.find(params[:id])
+    end
+
+    # Never trust parameters from the scary internet, only allow the white list through.
+    def employee_params
+      params.require(:employee).permit(:name, :role, :password)
+    end
+end