21 lines
581 B
Ruby
21 lines
581 B
Ruby
class PasswordsController < ApplicationController
|
|
respond_to :html, :xml, :json
|
|
|
|
def edit
|
|
@user = authorize User.find(params[:user_id]), policy_class: PasswordPolicy
|
|
respond_with(@user)
|
|
end
|
|
|
|
def update
|
|
@user = authorize User.find(params[:user_id]), policy_class: PasswordPolicy
|
|
@user.update(user_params)
|
|
flash[:notice] = @user.errors.none? ? "Password updated" : @user.errors.full_messages.join("; ")
|
|
|
|
respond_with(@user, location: @user)
|
|
end
|
|
|
|
def user_params
|
|
params.fetch(:user, {}).permit(policy(:password).permitted_attributes)
|
|
end
|
|
end
|