tabletop-companion/app/controllers/users_controller.rb

74 lines
1.7 KiB
Ruby
Raw Normal View History

2024-05-26 10:45:10 +00:00
# frozen_string_literal: true
2024-04-14 19:01:32 +00:00
class UsersController < ApplicationController
2024-04-21 14:01:10 +00:00
skip_before_action :authenticate, only: [ :new, :create ]
2024-05-30 08:07:54 +00:00
before_action :set_user, only: [ :show, :edit, :update ]
before_action :ensure_self, only: [ :edit, :update ]
2024-04-21 14:01:10 +00:00
2024-04-14 19:01:32 +00:00
def new
@user = User.new
end
def create
2024-05-30 08:07:54 +00:00
@user = User.new(new_user_params)
2024-04-14 19:01:32 +00:00
if @user.save
token = @user.generate_token_for(:email_verification)
UserMailer.with(user: @user, token: token).email_verification.deliver_later
flash[:notice] = t(".success", name: @user.first_name)
2024-04-21 14:01:10 +00:00
redirect_to login_path
2024-04-14 19:01:32 +00:00
else
flash[:alert] = t(".error", error: @user.errors.full_messages.to_sentence)
render :new, status: :unprocessable_entity
end
end
2024-05-29 16:17:06 +00:00
def show
if @user == Current.user
@table_invites = TableInvite.where(email: @user.email).not_responded
end
end
2024-05-30 08:07:54 +00:00
def edit
end
def update
2024-06-04 13:20:57 +00:00
if existing_user_params.present? && @user.update(existing_user_params)
2024-05-30 08:07:54 +00:00
redirect_to @user, notice: t(".success")
else
flash.now[:alert] = t(".error")
render :edit, status: :unprocessable_entity
end
end
2024-04-14 19:01:32 +00:00
private
2024-05-30 08:07:54 +00:00
def new_user_params
2024-04-14 19:01:32 +00:00
params.require(:user).permit(
:username,
:password,
:password_confirmation,
:email,
:first_name,
:last_name,
)
end
2024-05-29 16:17:06 +00:00
2024-05-30 08:07:54 +00:00
def existing_user_params
params.require(:user).permit(
:first_name,
:last_name,
:profile,
2024-05-30 14:30:25 +00:00
:avatar,
2024-06-04 13:20:57 +00:00
:delete_avatar,
2024-05-30 08:07:54 +00:00
)
end
2024-05-29 16:17:06 +00:00
def set_user
@user = User.find_by(username: params[:id])
end
2024-05-30 08:07:54 +00:00
def ensure_self
head :forbidden unless @user == Current.user || Current.user.admin?
end
2024-04-14 19:01:32 +00:00
end