]> git.openstreetmap.org Git - rails.git/blob - app/controllers/concerns/user_methods.rb
Switch to using rails builtin content security policy support
[rails.git] / app / controllers / concerns / user_methods.rb
1 module UserMethods
2   extend ActiveSupport::Concern
3
4   private
5
6   ##
7   # ensure that there is a "user" instance variable
8   def lookup_user
9     @user = User.active.find_by!(:display_name => params[:display_name])
10   rescue ActiveRecord::RecordNotFound
11     render_unknown_user params[:display_name]
12   end
13
14   ##
15   # render a "no such user" page
16   def render_unknown_user(name)
17     @title = t "users.no_such_user.title"
18     @not_found_user = name
19
20     respond_to do |format|
21       format.html { render :template => "users/no_such_user", :status => :not_found, :layout => "site" }
22       format.all { head :not_found }
23     end
24   end
25
26   ##
27   # update a user's details
28   def update_user(user, params)
29     user.display_name = params[:display_name]
30     user.new_email = params[:new_email]
31
32     unless params[:pass_crypt].empty? && params[:pass_crypt_confirmation].empty?
33       user.pass_crypt = params[:pass_crypt]
34       user.pass_crypt_confirmation = params[:pass_crypt_confirmation]
35     end
36
37     if params[:auth_provider].nil? || params[:auth_provider].blank?
38       user.auth_provider = nil
39       user.auth_uid = nil
40     end
41
42     if user.save
43       session[:fingerprint] = user.fingerprint
44
45       if user.new_email.blank? || user.new_email == user.email
46         flash[:notice] = t "accounts.update.success"
47       else
48         token = user.generate_token_for(:new_email)
49
50         user.email = user.new_email
51
52         if user.valid?
53           flash[:notice] = t "accounts.update.success_confirm_needed"
54
55           begin
56             UserMailer.email_confirm(user, token).deliver_later
57           rescue StandardError
58             # Ignore errors sending email
59           end
60         else
61           current_user.errors.add(:new_email, current_user.errors[:email])
62           current_user.errors.add(:email, [])
63         end
64
65         user.restore_email!
66       end
67     end
68   end
69 end