Redstoner/redstoner.com
Archived
0
Fork 0
Code Issues Pull Requests 2 Wiki Activity

add /users/me

Browse Source
This commit is contained in:
jomo
2014-06-29 12:40:03 +02:00
parent 3e0e5878e6
commit 56c60ebbfc
1 changed files with 16 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

30
app/controllers/users_controller.rb
View File

@@ -3,6 +3,8 @@ class UsersController < ApplicationController
require 'open-uri' require 'open-uri'
include MailerHelper include MailerHelper
before_filter :set_user, except: [:index, :new, :create, :lost_password, :reset_password]
def index def index
if params[:role] if params[:role]
if params[:role].downcase == "staff" if params[:role].downcase == "staff"
@@ -23,11 +25,6 @@ class UsersController < ApplicationController
end end
def show def show
@user = User.find_by_id(params[:id])
unless @user
flash[:alert] = "User does not exist!"
redirect_to users_path
end
end end
# SIGNUP # SIGNUP
@@ -42,7 +39,6 @@ class UsersController < ApplicationController
def confirm def confirm
if current_user if current_user
@user = User.find(params[:id])
code = params[:code] code = params[:code]
if @user && @user.is?(current_user) && code && @user.email_token == code if @user && @user.is?(current_user) && code && @user.email_token == code
if !confirmed? if !confirmed?
@@ -77,7 +73,6 @@ class UsersController < ApplicationController
end end
def edit def edit
@user = User.find(params[:id])
unless (mod? && current_user.role >= @user.role) || current_user == @user unless (mod? && current_user.role >= @user.role) || current_user == @user
flash[:alert] = "You are not allowed to edit this user" flash[:alert] = "You are not allowed to edit this user"
redirect_to user_path(@user) redirect_to user_path(@user)
@@ -138,7 +133,6 @@ class UsersController < ApplicationController
end end
def update def update
@user = User.find(params[:id])
if (mod? && current_user.role >= @user.role ) || (@user.is?(current_user) && confirmed?) if (mod? && current_user.role >= @user.role ) || (@user.is?(current_user) && confirmed?)
if mod? if mod?
userdata = user_params([:name, :skype, :skype_public, :youtube, :twitter, :about, :role, :confirmed]) userdata = user_params([:name, :skype, :skype_public, :youtube, :twitter, :about, :role, :confirmed])
@@ -174,7 +168,6 @@ class UsersController < ApplicationController
end end
def ban def ban
@user = User.find(params[:id])
if mod? && current_user.role >= @user.role if mod? && current_user.role >= @user.role
@user.role = Role.get :banned @user.role = Role.get :banned
flash[:notice] = "'#{@user.name}' has been banned!" flash[:notice] = "'#{@user.name}' has been banned!"
@@ -185,7 +178,6 @@ class UsersController < ApplicationController
end end
def unban def unban
@user = User.find(params[:id])
if mod? && current_user.role >= @user.role if mod? && current_user.role >= @user.role
@user.role = Role.get :normal @user.role = Role.get :normal
flash[:notice] = "\"#{@user.name}\" has been unbanned!" flash[:notice] = "\"#{@user.name}\" has been unbanned!"
@@ -196,7 +188,6 @@ class UsersController < ApplicationController
end end
def destroy def destroy
@user = User.find(params[:id])
if superadmin? if superadmin?
if @user.destroy if @user.destroy
flash[:notice] = "User deleted forever." flash[:notice] = "User deleted forever."
@@ -212,7 +203,6 @@ class UsersController < ApplicationController
end end
def edit_notifications def edit_notifications
@user = User.find(params[:id])
unless @user.is?(current_user) || admin? && current_user.role > @user.role || superadmin? unless @user.is?(current_user) || admin? && current_user.role > @user.role || superadmin?
flash[:alert] = "You are not allowed to edit this user's notification settings!" flash[:alert] = "You are not allowed to edit this user's notification settings!"
redirect_to @user redirect_to @user
@@ -220,7 +210,6 @@ class UsersController < ApplicationController
end end
def edit_login def edit_login
@user = User.find(params[:id])
unless @user.is?(current_user) || admin? && current_user.role > @user.role || superadmin? unless @user.is?(current_user) || admin? && current_user.role > @user.role || superadmin?
flash[:alert] = "You are not allowed to edit this user's login details!" flash[:alert] = "You are not allowed to edit this user's login details!"
redirect_to @user redirect_to @user
@@ -228,7 +217,6 @@ class UsersController < ApplicationController
end end
def update_login def update_login
@user = User.find(params[:id])
if @user.is?(current_user) || admin? && current_user.role > @user.role || superadmin? if @user.is?(current_user) || admin? && current_user.role > @user.role || superadmin?
authenticated = !@user.is?(current_user) || @user.authenticate(params[:current_password]) authenticated = !@user.is?(current_user) || @user.authenticate(params[:current_password])
if params[:user][:password].present? if params[:user][:password].present?
@@ -310,6 +298,20 @@ class UsersController < ApplicationController
user_token && user_token.destroy user_token && user_token.destroy
end end
def set_user
id = params[:id]
if id == "me"
if current_user
id = current_user.id
else
flash[:alert] = "Please log in"
redirect_to login_path(return_path: request.env['PATH_INFO'])
return
end
end
@user = User.find(id)
end
def user_params(add = []) def user_params(add = [])
a = [:ign, :email, :password, :password_confirmation, :mail_own_thread_reply, :mail_other_thread_reply, :mail_own_blogpost_comment, :mail_other_blogpost_comment, :mail_mention] + add a = [:ign, :email, :password, :password_confirmation, :mail_own_thread_reply, :mail_other_thread_reply, :mail_own_blogpost_comment, :mail_other_blogpost_comment, :mail_mention] + add
params.require(:user).permit(a) params.require(:user).permit(a)