Files
fizzy/app/controllers/users_controller.rb
T
Jorge Manrubia 540254def4 Fix tests after removing the index action
The show action makes more sense in the controller. Also, the filter
scoped was failing due to Rails raising on missing actions (because we
have deleted the index action). Inlining the concern fixes it and clarifies
where this action is implemented.
2025-06-05 09:12:07 +02:00

53 lines
1.2 KiB
Ruby

class UsersController < ApplicationController
require_unauthenticated_access only: %i[ new create ]
before_action :set_user, only: %i[ show edit update destroy ]
before_action :ensure_join_code_is_valid, only: %i[ new create ]
before_action :ensure_permission_to_change_user, only: %i[ update destroy ]
def new
@user = User.new
end
def create
user = User.create!(user_params)
start_new_session_for user
redirect_to root_path
end
def edit
end
def show
@filter = Current.user.filters.new(creator_ids: [ @user.id ])
@day_timeline = Current.user.timeline_for(Time.current, filter: @filter)
end
def update
@user.update! user_params
redirect_to @user
end
def destroy
@user.deactivate
redirect_to users_path
end
private
def ensure_join_code_is_valid
head :forbidden unless Account.sole.join_code == params[:join_code]
end
def set_user
@user = User.active.find(params[:id])
end
def ensure_permission_to_change_user
head :forbidden unless Current.user.can_change?(@user)
end
def user_params
params.expect(user: [ :name, :email_address, :password, :avatar ])
end
end