diff --git a/lib/diskuy_web/controllers/post_controller.ex b/lib/diskuy_web/controllers/post_controller.ex index c41f03b1b048c537629af1bd655477c229406518..76bc66361713c778e457967248e4fad5666ff826 100644 --- a/lib/diskuy_web/controllers/post_controller.ex +++ b/lib/diskuy_web/controllers/post_controller.ex @@ -32,8 +32,9 @@ defmodule DiskuyWeb.PostController do def update(conn, %{"id" => id, "post" => post_params}) do current_user = Guardian.Plug.current_resource(conn) post = Forum.get_post!(id) + new_post_params = post_params |> Map.drop(["id", "points", "user_id", "thread_id"]) with {:ok, :authorized} <- Guardian.check_authorized(current_user, post.user_id), - {:ok, %Post{} = post} <- Forum.update_post(post, post_params) do + {:ok, %Post{} = post} <- Forum.update_post(post, new_post_params) do render(conn, "show.json", post: post) end end diff --git a/lib/diskuy_web/controllers/thread_controller.ex b/lib/diskuy_web/controllers/thread_controller.ex index ea0bbb2abe13e1f8bc662e96213acacd7d38e281..9ba486fd3caa82f6f0f3e88a8e2d646b9cbdb089 100644 --- a/lib/diskuy_web/controllers/thread_controller.ex +++ b/lib/diskuy_web/controllers/thread_controller.ex @@ -32,8 +32,9 @@ defmodule DiskuyWeb.ThreadController do def update(conn, %{"id" => id, "thread" => thread_params}) do current_user = Guardian.Plug.current_resource(conn) thread = Forum.get_thread!(id) + new_thread_params = thread_params |> Map.drop(["id", "points", "user_id", "topic_id"]) with {:ok, :authorized} <- Guardian.check_authorized(current_user, thread.user_id), - {:ok, %Thread{} = thread} <- Forum.update_thread(thread, thread_params) do + {:ok, %Thread{} = thread} <- Forum.update_thread(thread, new_thread_params) do render(conn, "show.json", thread: thread) end end