jaculabilis/danbooru
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
Files
f25bace76618fac82a4d4fcfd779a99f9b5c25a0
danbooru/app/controllers/passwords_controller.rb
evazion f25bace766 users: refactor change password page. 
* Fix users being redirected back to the change password page after
  successfully changing their password.
* Move passwords controller out of /maintenance/ namespace.
* Add tests.
2020-03-08 23:18:08 -05:00

32 lines
728 B
Ruby
Raw Blame History

class PasswordsController < ApplicationController
before_action :member_only
respond_to :html, :xml, :json
def edit
@user = User.find(params[:user_id])
check_privilege(@user)
respond_with(@user)
end
def update
@user = User.find(params[:user_id])
check_privilege(@user)
@user.update(user_params)
flash[:notice] = @user.errors.none? ? "Password updated" : @user.errors.full_messages.join("; ")
respond_with(@user, location: @user)
end
private
def check_privilege(user)
raise User::PrivilegeError unless user.id == CurrentUser.id || CurrentUser.is_admin?
end
def user_params
params.require(:user).permit(%i[old_password password password_confirmation])
end
end
Reference in New Issue View Git Blame Copy Permalink