summaryrefslogtreecommitdiff
path: root/users/app/controllers
diff options
context:
space:
mode:
authorAzul <azul@leap.se>2012-11-26 12:16:53 +0100
committerAzul <azul@leap.se>2012-11-26 12:16:53 +0100
commit1ea7da1314a46a87512e4f3d7f99249883f4f12f (patch)
treeab07f2e702b5f5eee9638ef751669f88298faad2 /users/app/controllers
parent716dc248e940be8bd323a9d92f98785737fc99a0 (diff)
parentcdda8f095d49cdda94c3527ecb92cb15c300327b (diff)
Merge branch 'feature/users-change-passwords' into develop
Diffstat (limited to 'users/app/controllers')
-rw-r--r--users/app/controllers/users_controller.rb24
1 files changed, 14 insertions, 10 deletions
diff --git a/users/app/controllers/users_controller.rb b/users/app/controllers/users_controller.rb
index ecab53b..5be1fa9 100644
--- a/users/app/controllers/users_controller.rb
+++ b/users/app/controllers/users_controller.rb
@@ -1,6 +1,8 @@
class UsersController < ApplicationController
- skip_before_filter :verify_authenticity_token
+ skip_before_filter :verify_authenticity_token, :only => [:create]
+
+ before_filter :fetch_user, :only => [:edit, :update]
respond_to :json, :html
@@ -9,20 +11,22 @@ class UsersController < ApplicationController
end
def create
- @user = User.create!(params[:user])
- respond_with(@user, :location => root_url, :notice => "Signed up!")
- rescue VALIDATION_FAILED => e
- @user = e.document
- respond_with(@user, :location => new_user_path)
+ @user = User.create(params[:user])
+ respond_with @user
end
def edit
- @user = current_user
end
def update
- @user = current_user
- @user.update(params[:user])
- respond_with(@user, :location => edit_user_path(@user))
+ @user.update_attributes(params[:user])
+ respond_with @user
+ end
+
+ protected
+
+ def fetch_user
+ @user = User.find_by_param(params[:id])
+ access_denied unless @user == current_user
end
end