users_controller.rb 2.17 KB
Edit Raw Blame History Permalink



1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

16

17

18

19

20

21

22

23

24

25

26

27

28

29

30

31

32

33

34

35

36

37

38

39

40

41

42

43

44

45

46

47

48

49

50

51

52

53

54

55

56

57

58

59

60

61

62

63

64

65

66

67

68

69

70

71

72

73

74

75

76

77

78

79

80


class UsersController < ApplicationController
  respond_to :html

  before_action :require_admin!, except: [:edit, :update]
  before_action :require_user_edit_priviledges, only: [:edit, :update]

  expose(:user, attributes: :user_params)
  expose(:users) do
    User.order_by(name: :asc).page(params[:page]).per(current_user.per_page)
  end

  def index; end
  def new; end
  def show; end

  def create
    if user.save
      flash[:success] = "#{user.name} is now part of the team. Be sure to add them as a project watcher."
      redirect_to user_path(user)
    else
      render :new
    end
  end

  def update
    if user.update_attributes(user_params)
      flash[:success] = I18n.t('controllers.users.flash.update.success', name: user.name)
      redirect_to user_path(user)
    else
      render :edit
    end
  end

  ##
  # Destroy the user pass in args
  #
  # @param [ String ] id the id of user we want delete
  #
  def destroy
    if user == current_user
      flash[:error] = I18n.t('controllers.users.flash.destroy.error')
    else
      UserDestroy.new(user).destroy
      flash[:success] = I18n.t('controllers.users.flash.destroy.success', name: user.name)
    end
    redirect_to users_path
  end

  def unlink_github
    user.update_attributes github_login: nil, github_oauth_token: nil
    redirect_to user_path(user)
  end

  def unlink_google
    user.update(google_uid: nil)
    redirect_to user_path(user)
  end

protected

  def require_user_edit_priviledges
    can_edit = current_user == user || current_user.admin?
    redirect_to(root_path) unless can_edit
  end

  def user_params
    @user_params ||= params[:user] ? params.require(:user).permit(*user_permit_params) : {}
  end

  def user_permit_params
    @user_permit_params ||= [:name, :username, :email, :github_login, :per_page, :time_zone]
    @user_permit_params << :admin if current_user.admin? && current_user.id != params[:id]
    @user_permit_params |= [:password, :password_confirmation] if user_password_params.values.all? { |pa| !pa.blank? }
    @user_permit_params
  end

  def user_password_params
    @user_password_params ||= params[:user] ? params.require(:user).permit(:password, :password_confirmation) : {}
  end
end