This commit is contained in:
Executable
+57
@@ -0,0 +1,57 @@
|
||||
# frozen_string_literal: true
|
||||
class UsersController < ApplicationController
|
||||
skip_before_action :has_info
|
||||
skip_before_action :authenticated, only: [:new, :create]
|
||||
|
||||
def new
|
||||
@user = User.new
|
||||
end
|
||||
|
||||
def create
|
||||
user = User.new(user_params)
|
||||
if user.save
|
||||
session[:user_id] = user.id
|
||||
redirect_to home_dashboard_index_path
|
||||
else
|
||||
@user = user
|
||||
flash[:error] = user.errors.full_messages.to_sentence
|
||||
redirect_to :signup
|
||||
end
|
||||
end
|
||||
|
||||
def account_settings
|
||||
@user = current_user
|
||||
end
|
||||
|
||||
def update
|
||||
message = false
|
||||
|
||||
user = User.where("id = '#{params[:user][:id]}'")[0]
|
||||
|
||||
if user
|
||||
user.update(user_params_without_password)
|
||||
if params[:user][:password].present? && (params[:user][:password] == params[:user][:password_confirmation])
|
||||
user.password = params[:user][:password]
|
||||
end
|
||||
message = true if user.save!
|
||||
respond_to do |format|
|
||||
format.html { redirect_to user_account_settings_path(user_id: current_user.id) }
|
||||
format.json { render json: {msg: message ? "success" : "false "} }
|
||||
end
|
||||
else
|
||||
flash[:error] = "Could not update user!"
|
||||
redirect_to user_account_settings_path(user_id: current_user.id)
|
||||
end
|
||||
end
|
||||
|
||||
private
|
||||
|
||||
def user_params
|
||||
params.require(:user).permit!
|
||||
end
|
||||
|
||||
# unpermitted attributes are ignored in production
|
||||
def user_params_without_password
|
||||
params.require(:user).permit(:email, :admin, :first_name, :last_name)
|
||||
end
|
||||
end
|
||||
Reference in New Issue
Block a user