--- /dev/null
+class BonusPolicyController < ApplicationController
+ layout "admin"
+
+ before_filter :authorize, :except => ['new', 'create', 'edit', 'update', 'destroy']
+ before_filter :manager, :only => ['new', 'create', 'edit', 'update', 'destroy']
+
+ def index
+ list
+ render :action => 'list'
+ end
+
+ # GETs should be safe (see http://www.w3.org/2001/tag/doc/whenToUseGet.html)
+ verify :method => :post, :only => [ :destroy, :create, :update ],
+ :redirect_to => { :action => :list }
+
+ def list
+ @bonus_policy_pages, @bonus_policies = paginate :bonus_policies, :per_page => 10
+ end
+
+ def show
+ @bonus_policy = BonusPolicy.find(params[:id])
+ end
+
+ def new
+ @bonus_policy = BonusPolicy.new
+ end
+
+ def create
+ @bonus_policy = BonusPolicy.new(params[:bonus_policy])
+ if @bonus_policy.save
+ flash[:notice] = 'BonusPolicy was successfully created.'
+ redirect_to :action => 'list'
+ else
+ render :action => 'new'
+ end
+ end
+
+ def edit
+ @bonus_policy = BonusPolicy.find(params[:id])
+ end
+
+ def update
+ @bonus_policy = BonusPolicy.find(params[:id])
+ if @bonus_policy.update_attributes(params[:bonus_policy])
+ flash[:notice] = 'BonusPolicy was successfully updated.'
+ redirect_to :action => 'show', :id => @bonus_policy
+ else
+ render :action => 'edit'
+ end
+ end
+
+ def destroy
+ BonusPolicy.find(params[:id]).destroy
+ redirect_to :action => 'list'
+ end
+end