summaryrefslogtreecommitdiff
path: root/users/app/controllers
diff options
context:
space:
mode:
Diffstat (limited to 'users/app/controllers')
-rw-r--r--users/app/controllers/controller_extension/authentication.rb8
-rw-r--r--users/app/controllers/sessions_controller.rb6
-rw-r--r--users/app/controllers/users_controller.rb31
3 files changed, 36 insertions, 9 deletions
diff --git a/users/app/controllers/controller_extension/authentication.rb b/users/app/controllers/controller_extension/authentication.rb
index 1726278..f2184d9 100644
--- a/users/app/controllers/controller_extension/authentication.rb
+++ b/users/app/controllers/controller_extension/authentication.rb
@@ -7,8 +7,12 @@ module ControllerExtension::Authentication
helper_method :current_user, :logged_in?, :admin?
end
- def authentication_error
- warden.winning_strategy.try(:message)
+ def authentication_errors
+ return unless errors = warden.winning_strategy.try(:message)
+ errors.inject({}) do |translated,err|
+ translated[err.first] = I18n.t(err.last)
+ translated
+ end
end
def logged_in?
diff --git a/users/app/controllers/sessions_controller.rb b/users/app/controllers/sessions_controller.rb
index 486f67e..bc910b5 100644
--- a/users/app/controllers/sessions_controller.rb
+++ b/users/app/controllers/sessions_controller.rb
@@ -3,7 +3,11 @@ class SessionsController < ApplicationController
skip_before_filter :verify_authenticity_token
def new
- @errors = authentication_error
+ @session = Session.new
+ if authentication_errors
+ @errors = authentication_errors
+ render :status => 422
+ end
end
def create
diff --git a/users/app/controllers/users_controller.rb b/users/app/controllers/users_controller.rb
index 82d2eac..4912ac8 100644
--- a/users/app/controllers/users_controller.rb
+++ b/users/app/controllers/users_controller.rb
@@ -1,18 +1,37 @@
class UsersController < ApplicationController
- skip_before_filter :verify_authenticity_token
+ skip_before_filter :verify_authenticity_token, :only => [:create]
+
+ before_filter :fetch_user, :only => [:edit, :update]
+ before_filter :authorize_admin, :only => [:index]
respond_to :json, :html
+ def index
+ @users = User.all
+ end
+
def new
@user = User.new
end
def create
- @user = User.create!(params[:user])
- respond_with(@user, :location => root_url, :notice => "Signed up!")
- rescue VALIDATION_FAILED => e
- @user = e.document
- respond_with(@user, :location => new_user_path)
+ @user = User.create(params[:user])
+ respond_with @user
+ end
+
+ def edit
+ end
+
+ def update
+ @user.update_attributes(params[:user])
+ respond_with @user
+ end
+
+ protected
+
+ def fetch_user
+ @user = User.find_by_param(params[:id])
+ access_denied unless @user == current_user
end
end