summaryrefslogtreecommitdiff
path: root/app/controllers/users_controller.rb
diff options
context:
space:
mode:
authorerdgeist <erdgeist@erdgeist.org>2026-06-25 04:34:55 +0200
committererdgeist <erdgeist@erdgeist.org>2026-06-25 04:34:55 +0200
commitf7a5944a1f44ede9881d368a36eb9f7d82d6ab69 (patch)
tree3803e9840eab4976b299a8cce969b7785b018b19 /app/controllers/users_controller.rb
parent3f236c7a0e544db94ef822f120d649ac5ee958f7 (diff)
Rails 4.2 model and controller fixes
- Wrap all scopes in lambdas (required in Rails 4) - Move scopes after associations in page.rb (evaluated at load time in Rails 4) - Convert association :order options to lambda syntax - Remove attr_accessible from page.rb and user.rb - Add Strong Parameters: user_params in UsersController, node_params/page_params in NodesController - Fix clone_attributes_from: exclude id/page_id/timestamps when cloning translations - Fix redirect_to :back → request.referer fallback in nodes_controller - Fix node_path/publish and unlock actions: pass @node argument
Diffstat (limited to 'app/controllers/users_controller.rb')
-rw-r--r--app/controllers/users_controller.rb15
1 files changed, 11 insertions, 4 deletions
diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb
index b7914c4..1d85690 100644
--- a/app/controllers/users_controller.rb
+++ b/app/controllers/users_controller.rb
@@ -15,11 +15,11 @@ class UsersController < ApplicationController
15 end 15 end
16 16
17 def new 17 def new
18 @user = User.new( params[:user] ) 18 @user = User.new
19 end 19 end
20 20
21 def create 21 def create
22 @user = User.new params[:user] 22 @user = User.new user_params
23 23
24 if @user.save 24 if @user.save
25 flash[:notice] = "User created #{@user.login}" 25 flash[:notice] = "User created #{@user.login}"
@@ -33,8 +33,10 @@ class UsersController < ApplicationController
33 end 33 end
34 34
35 def update 35 def update
36 params[:user].delete(:admin) unless current_user.is_admin? 36 permitted = user_params
37 if @user.update_attributes(params[:user]) 37 permitted.delete(:admin) unless current_user.is_admin?
38
39 if @user.update_attributes(permitted)
38 flash[:notice] = "Updated user #{@user.login}" 40 flash[:notice] = "Updated user #{@user.login}"
39 redirect_to user_path(@user) 41 redirect_to user_path(@user)
40 else 42 else
@@ -51,6 +53,11 @@ class UsersController < ApplicationController
51 end 53 end
52 54
53 private 55 private
56
57 def user_params
58 params.fetch(:user, {}).permit(:login, :email, :password, :password_confirmation, :admin)
59 end
60
54 def find_user 61 def find_user
55 @user = User.find(params[:id]) 62 @user = User.find(params[:id])
56 end 63 end