There is only one account, so just check join code directly
This commit is contained in:
@@ -2,7 +2,7 @@ class UsersController < ApplicationController
|
||||
require_unauthenticated_access only: %i[ new create ]
|
||||
|
||||
before_action :set_user, only: %i[ show edit update destroy ]
|
||||
before_action :set_account_from_join_code, only: %i[ new create ]
|
||||
before_action :ensure_join_code_is_valid, only: %i[ new create ]
|
||||
before_action :ensure_permission_to_administer_user, only: %i[ update destroy ]
|
||||
|
||||
def index
|
||||
@@ -36,8 +36,8 @@ class UsersController < ApplicationController
|
||||
end
|
||||
|
||||
private
|
||||
def set_account_from_join_code
|
||||
@account = Account.find_by_join_code!(params[:join_code])
|
||||
def ensure_join_code_is_valid
|
||||
head :forbidden unless Account.sole.join_code == params[:join_code]
|
||||
end
|
||||
|
||||
def set_user
|
||||
|
||||
@@ -11,7 +11,7 @@
|
||||
<div class="panel shadow center">
|
||||
<h1 class="margin-none-block-start margin-block-end-double">Fizzy</h1>
|
||||
|
||||
<%= form_with model: @user, url: join_path(@account.join_code), class: "flex flex-column gap" do |form| %>
|
||||
<%= form_with model: @user, url: join_path(params[:join_code]), class: "flex flex-column gap" do |form| %>
|
||||
<div class="flex align-center gap">
|
||||
<label class="flex align-center gap input input--actor">
|
||||
<%= form.text_field :name, class: "input full-width", autocomplete: "name", placeholder: "Name", autofocus: true, required: true, data: { "1p-ignore": true } %>
|
||||
|
||||
Reference in New Issue
Block a user