impress/app/controllers/users_controller.rb

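# Looks up users by name, lists top contributors, and lets the signed-in
# user update their own settings.
class UsersController < ApplicationController
  # `update` is the only action here that needs an authorized @user.
  before_action :find_and_authorize_user!, only: [:update]

  # Search by exact name. Redirects to the matching user's closet hangers
  # page, or back to the root page with a "not found" alert.
  def index
    name = params[:name]
    @user = User.find_by_name(name)

    if @user
      redirect_to user_closet_hangers_path(@user)
    else
      # NOTE(review): the alert interpolates the request-supplied name;
      # confirm the view that prints flash messages escapes them (no
      # `raw`/`html_safe`).
      flash[:alert] = t('users.index.not_found', name: name)
      redirect_to root_path
    end
  end

  # Paginated list of top contributors, 20 per page.
  def top_contributors
    @users = User.top_contributors.paginate(page: params[:page], per_page: 20)
  end

  # Applies the permitted attributes to @user, which the before_action has
  # already set to current_user. Responds in HTML or JSON.
  def update
    @user.attributes = user_params
    success = @user.save

    respond_to do |format|
      format.html do
        if success
          flash[:success] = t('users.update.success')
          redirect_back! user_closet_hangers_path(@user)
        else
          # NOTE(review): this branch neither redirects nor renders, so Rails
          # falls back to the action's implicit template - confirm one exists.
          # If it does, `flash` (rather than `flash.now`) also carries the
          # alert over to the following request.
          flash[:alert] = t('users.update.invalid',
                            errors: @user.errors.full_messages.to_sentence)
        end
      end

      format.json do
        if success
          render json: true
        else
          render json: { errors: @user.errors.full_messages },
                 status: :unprocessable_entity
        end
      end
    end
  end

  protected

  # Strong-parameters allowlist: only these three attributes can be
  # mass-assigned from the request.
  #
  # NOTE(review): contact_neopets_connection_id is a client-supplied record
  # id; confirm the User model validates that the referenced connection
  # belongs to this user.
  def user_params
    params.require(:user).permit(:owned_closet_hangers_visibility,
                                 :wanted_closet_hangers_visibility,
                                 :contact_neopets_connection_id)
  end

  # Sets @user to current_user when params[:id] names the signed-in user;
  # raises AccessDenied for every other request.
  #
  # A request with no signed-in user is rejected with AccessDenied as well,
  # rather than failing with NoMethodError on a nil current_user.
  #
  # `to_i` is lenient ("12abc" => 12, nil => 0), but the value is only ever
  # compared with the signed-in user's own id, so it cannot select another
  # account.
  def find_and_authorize_user!
    raise AccessDenied unless current_user && current_user.id == params[:id].to_i

    @user = current_user
  end
end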