jaculabilis/danbooru
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

pundit: convert passwords to pundit.

Browse Source
This commit is contained in:
evazion
2020-03-19 18:59:53 -05:00
parent 62835ac9fc
commit 83eae1bf11
2 changed files with 12 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
app/controllers/passwords_controller.rb
View File

@@ -1,31 +1,20 @@
class PasswordsController < ApplicationController
before_action :member_only
respond_to :html, :xml, :json
def edit
@user = User.find(params[:user_id])
check_privilege(@user)
@user = authorize User.find(params[:user_id]), policy_class: PasswordPolicy
respond_with(@user)
end
def update
@user = User.find(params[:user_id])
check_privilege(@user)
@user = authorize User.find(params[:user_id]), policy_class: PasswordPolicy
@user.update(user_params)
flash[:notice] = @user.errors.none? ? "Password updated" : @user.errors.full_messages.join("; ")
respond_with(@user, location: @user)
end
private
def check_privilege(user)
raise User::PrivilegeError unless user.id == CurrentUser.id || CurrentUser.is_admin?
end
def user_params
params.require(:user).permit(%i[signed_user_id old_password password password_confirmation])
params.fetch(:user, {}).permit(policy(:password).permitted_attributes)
end
end