From 33c124aa67788d5c64906f7b3e21ad383577b2a8 Mon Sep 17 00:00:00 2001 From: Azul Date: Thu, 22 Nov 2012 17:31:18 +0100 Subject: basic user edit form and actions --- users/app/controllers/users_controller.rb | 10 ++++++++++ 1 file changed, 10 insertions(+) (limited to 'users/app/controllers/users_controller.rb') diff --git a/users/app/controllers/users_controller.rb b/users/app/controllers/users_controller.rb index 82d2eac..46ecc32 100644 --- a/users/app/controllers/users_controller.rb +++ b/users/app/controllers/users_controller.rb @@ -15,4 +15,14 @@ class UsersController < ApplicationController @user = e.document respond_with(@user, :location => new_user_path) end + + def edit + @user = current_user + end + + def update + @user = current_user + @user.update!(params[:user]) + respond_with(@user, :location => edit_user_path(@user)) + end end -- cgit v1.2.3 From 3ce5a25afef3b938c2bbbe8ce481f2af9e0c24dc Mon Sep 17 00:00:00 2001 From: Azul Date: Fri, 23 Nov 2012 10:24:46 +0100 Subject: test editing user settings --- users/app/controllers/users_controller.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'users/app/controllers/users_controller.rb') diff --git a/users/app/controllers/users_controller.rb b/users/app/controllers/users_controller.rb index 46ecc32..ecab53b 100644 --- a/users/app/controllers/users_controller.rb +++ b/users/app/controllers/users_controller.rb @@ -22,7 +22,7 @@ class UsersController < ApplicationController def update @user = current_user - @user.update!(params[:user]) + @user.update(params[:user]) respond_with(@user, :location => edit_user_path(@user)) end end -- cgit v1.2.3 From ee3c9146e4bbe93ec1f00ee45386a82ec4363c4d Mon Sep 17 00:00:00 2001 From: Azul Date: Fri, 23 Nov 2012 12:11:11 +0100 Subject: identify user by id so rerendering the form does not use new invalid login --- users/app/controllers/users_controller.rb | 15 +++++++++++---- 1 file changed, 11 insertions(+), 4 deletions(-) (limited to 'users/app/controllers/users_controller.rb') diff --git a/users/app/controllers/users_controller.rb b/users/app/controllers/users_controller.rb index ecab53b..3913d0d 100644 --- a/users/app/controllers/users_controller.rb +++ b/users/app/controllers/users_controller.rb @@ -1,6 +1,8 @@ class UsersController < ApplicationController - skip_before_filter :verify_authenticity_token + skip_before_filter :verify_authenticity_token, :only => [:create] + + before_filter :fetch_user, :only => [:edit, :update] respond_to :json, :html @@ -17,12 +19,17 @@ class UsersController < ApplicationController end def edit - @user = current_user end def update - @user = current_user - @user.update(params[:user]) + @user.update_attributes(params[:user]) respond_with(@user, :location => edit_user_path(@user)) end + + protected + + def fetch_user + @user = User.find_by_param(params[:id]) + access_denied unless @user == current_user + end end -- cgit v1.2.3 From 595518684b9c4364f96c97a84cc481b5ae0da981 Mon Sep 17 00:00:00 2001 From: Azul Date: Mon, 26 Nov 2012 11:54:11 +0100 Subject: simplified controller and adjusted tests Also added #assert_json_error to tests. --- users/app/controllers/users_controller.rb | 9 +++------ 1 file changed, 3 insertions(+), 6 deletions(-) (limited to 'users/app/controllers/users_controller.rb') diff --git a/users/app/controllers/users_controller.rb b/users/app/controllers/users_controller.rb index 3913d0d..5be1fa9 100644 --- a/users/app/controllers/users_controller.rb +++ b/users/app/controllers/users_controller.rb @@ -11,11 +11,8 @@ class UsersController < ApplicationController end def create - @user = User.create!(params[:user]) - respond_with(@user, :location => root_url, :notice => "Signed up!") - rescue VALIDATION_FAILED => e - @user = e.document - respond_with(@user, :location => new_user_path) + @user = User.create(params[:user]) + respond_with @user end def edit @@ -23,7 +20,7 @@ class UsersController < ApplicationController def update @user.update_attributes(params[:user]) - respond_with(@user, :location => edit_user_path(@user)) + respond_with @user end protected -- cgit v1.2.3 From bf74255d1530fe5852dc6e6c27ef975ce9aa8d3c Mon Sep 17 00:00:00 2001 From: Azul Date: Mon, 26 Nov 2012 14:32:50 +0100 Subject: added admin menu and user index action --- users/app/controllers/users_controller.rb | 5 +++++ 1 file changed, 5 insertions(+) (limited to 'users/app/controllers/users_controller.rb') diff --git a/users/app/controllers/users_controller.rb b/users/app/controllers/users_controller.rb index 5be1fa9..4912ac8 100644 --- a/users/app/controllers/users_controller.rb +++ b/users/app/controllers/users_controller.rb @@ -3,9 +3,14 @@ class UsersController < ApplicationController skip_before_filter :verify_authenticity_token, :only => [:create] before_filter :fetch_user, :only => [:edit, :update] + before_filter :authorize_admin, :only => [:index] respond_to :json, :html + def index + @users = User.all + end + def new @user = User.new end -- cgit v1.2.3