Allow PUT API to update user.

4 files changed, 19 insertions, 6 deletions

diff --git a/users/app/controllers/users_controller.rb b/users/app/controllers/users_controller.rb
index 6cb438b..ad51354 100644
--- a/users/app/controllers/users_controller.rb
+++ b/users/app/controllers/users_controller.rb
@@ -1,8 +1,5 @@
 class UsersController < ApplicationController
 
-  skip_before_filter :verify_authenticity_token, :only => [:create]
-
-
   before_filter :authorize, :only => [:show, :edit, :update, :destroy]
   before_filter :fetch_user, :only => [:show, :edit, :update, :destroy]
   before_filter :set_anchor, :only => [:edit, :update]
diff --git a/users/app/controllers/v1/users_controller.rb b/users/app/controllers/v1/users_controller.rb
index eda2fad..e8e8f00 100644
--- a/users/app/controllers/v1/users_controller.rb
+++ b/users/app/controllers/v1/users_controller.rb
@@ -1,13 +1,21 @@
 module V1
   class UsersController < ApplicationController
 
-    skip_before_filter :verify_authenticity_token, :only => [:create]
+    skip_before_filter :verify_authenticity_token
+    before_filter :authorize, :only => [:update]
 
     respond_to :json
 
     def create
       @user = User.create(params[:user])
+      respond_with @user # return ID instead?
+    end
+
+    def update
+      @user = User.find_by_param(params[:id])
+      @user.update_attributes(params[:user])
       respond_with @user
     end
+
   end
 end
diff --git a/users/config/routes.rb b/users/config/routes.rb
index 4127862..2cd1740 100644
--- a/users/config/routes.rb
+++ b/users/config/routes.rb
@@ -5,7 +5,7 @@ Rails.application.routes.draw do
         path: "/1/",
         defaults: {format: 'json'} } do
       resources :sessions, :only => [:new, :create, :update, :destroy]
-      resources :users, :only => [:create]
+      resources :users, :only => [:create, :update]
     end
   end
 
diff --git a/users/test/integration/api/account_flow_test.rb b/users/test/integration/api/account_flow_test.rb
index 268fb5e..b763be5 100644
--- a/users/test/integration/api/account_flow_test.rb
+++ b/users/test/integration/api/account_flow_test.rb
@@ -23,7 +23,7 @@ class AccountFlowTest < ActiveSupport::TestCase
       :password_salt => @srp.salt.to_s(16)
     }
     post 'http://api.lvh.me:3000/1/users.json', :user => @user_params
-    @user = User.find_by_param(@login)
+    @user = User.find_by_login(@login)
   end
 
   def teardown
@@ -91,4 +91,12 @@ class AccountFlowTest < ActiveSupport::TestCase
     assert_nil server_auth
   end
 
+  test "update user" do
+    server_auth = @srp.authenticate(self)
+    test_public_key = 'asdlfkjslfdkjasd'
+    put "http://api.lvh.me:3000/1/users/" + @user.id + '.json', :user => {:public_key => test_public_key}, :format => :json
+    @user.reload
+    assert_equal @user.public_key, test_public_key
+  end
+
 end