From 821b1444dcc147b9c1205326a2d28651c369a52d Mon Sep 17 00:00:00 2001
From: Folker Bernitt <fbernitt@thoughtworks.com>
Date: Fri, 11 Jul 2014 14:55:36 +0200
Subject: Moved check for allow_registration into filter.

---
 app/controllers/users_controller.rb    | 15 ++++++++++-----
 app/controllers/v1/users_controller.rb | 15 +++++++++------
 2 files changed, 19 insertions(+), 11 deletions(-)

(limited to 'app')

diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb
index a623653..0f822cb 100644
--- a/app/controllers/users_controller.rb
+++ b/app/controllers/users_controller.rb
@@ -8,6 +8,7 @@ class UsersController < UsersBaseController
   before_filter :redirect_if_logged_in, :only => [:new]
   before_filter :require_admin, :only => [:index, :deactivate, :enable]
   before_filter :fetch_user, :only => [:show, :edit, :update, :destroy, :deactivate, :enable]
+  before_filter :require_registration_allowed, only: :new
 
   respond_to :html
 
@@ -26,11 +27,7 @@ class UsersController < UsersBaseController
   end
 
   def new
-    if APP_CONFIG[:allow_registration]
-      @user = User.new
-    else
-      redirect_to home_path
-    end
+    @user = User.new
   end
 
   def show
@@ -70,4 +67,12 @@ class UsersController < UsersBaseController
     end
   end
 
+  protected
+
+  def require_registration_allowed
+    unless APP_CONFIG[:allow_registration]
+      redirect_to home_path
+    end
+  end
+
 end
diff --git a/app/controllers/v1/users_controller.rb b/app/controllers/v1/users_controller.rb
index 881708a..abaefd8 100644
--- a/app/controllers/v1/users_controller.rb
+++ b/app/controllers/v1/users_controller.rb
@@ -5,6 +5,7 @@ module V1
     before_filter :fetch_user, :only => [:update]
     before_filter :require_admin, :only => [:index]
     before_filter :require_token, :only => [:update]
+    before_filter :require_registration_allowed, only: :create
 
     respond_to :json
 
@@ -19,12 +20,8 @@ module V1
     end
 
     def create
-      if APP_CONFIG[:allow_registration]
-        @user = Account.create(params[:user])
-        respond_with @user # return ID instead?
-      else
-        head :forbidden
-      end
+      @user = Account.create(params[:user])
+      respond_with @user # return ID instead?
     end
 
     def update
@@ -32,5 +29,11 @@ module V1
       respond_with @user
     end
 
+    def require_registration_allowed
+      unless APP_CONFIG[:allow_registration]
+        head :forbidden
+      end
+    end
+
   end
 end
-- 
cgit v1.2.3