diff options
| author | jessib <jessib@riseup.net> | 2013-01-31 13:11:02 -0800 |
|---|---|---|
| committer | jessib <jessib@riseup.net> | 2013-01-31 13:11:02 -0800 |
| commit | a59d0aa3ba4eb7ed18597e93fc63c9e0f61b7501 (patch) | |
| tree | 178e2b29c8491e1f98615cef5e51ff6160a9e4d7 /users/app/controllers/v1/users_controller.rb | |
| parent | eae48e6d7ac052991560510b06e7c7ab78a201fe (diff) | |
| parent | 2d330838cf5a763d8de2bea752b4e37cf2caa249 (diff) | |
Merge pull request #23 from leapcode/feature/rest_api
Allow PUT API to update user.
Diffstat (limited to 'users/app/controllers/v1/users_controller.rb')
| -rw-r--r-- | users/app/controllers/v1/users_controller.rb | 11 |
1 files changed, 10 insertions, 1 deletions
diff --git a/users/app/controllers/v1/users_controller.rb b/users/app/controllers/v1/users_controller.rb index eda2fad..617bd4b 100644 --- a/users/app/controllers/v1/users_controller.rb +++ b/users/app/controllers/v1/users_controller.rb @@ -1,13 +1,22 @@ module V1 class UsersController < ApplicationController - skip_before_filter :verify_authenticity_token, :only => [:create] + skip_before_filter :verify_authenticity_token + before_filter :authorize, :only => [:update] respond_to :json def create @user = User.create(params[:user]) + respond_with @user # return ID instead? + end + + def update + # For now, only allow public key to be updated via the API. Eventually we might want to store in a config what attributes can be updated via the API. + @user = User.find_by_param(params[:id]) + @user.update_attributes params[:user].slice(:public_key) if params[:user].respond_to?(:slice) respond_with @user end + end end |