app/controllers/accounts_controller.rb

   1 class AccountsController < ApplicationController
   2   include SessionMethods
   3   include UserMethods
   4
   5   layout "site"
   6
   7   before_action :authorize_web
   8   before_action :set_locale
   9
  10   authorize_resource :class => false
  11
  12   before_action :check_database_readable
  13   before_action :check_database_writable, :only => [:update]
  14
  15   allow_thirdparty_images :only => [:edit, :update]
  16   allow_social_login :only => [:edit, :update]
  17
  18   def edit
  19     @tokens = current_user.oauth_tokens.authorized
  20
  21     if errors = session.delete(:user_errors)
  22       errors.each do |attribute, error|
  23         current_user.errors.add(attribute, error)
  24       end
  25     end
  26     @title = t ".title"
  27   end
  28
  29   def update
  30     @tokens = current_user.oauth_tokens.authorized
  31
  32     user_params = params.require(:user).permit(:display_name, :new_email, :pass_crypt, :pass_crypt_confirmation, :auth_provider)
  33
  34     if params[:user][:auth_provider].blank? ||
  35        (params[:user][:auth_provider] == current_user.auth_provider &&
  36         params[:user][:auth_uid] == current_user.auth_uid)
  37       update_user(current_user, user_params)
  38       if current_user.errors.count.zero?
  39         redirect_to edit_account_path
  40       else
  41         render :edit
  42       end
  43     else
  44       session[:new_user_settings] = user_params.to_h
  45       redirect_to auth_url(params[:user][:auth_provider], params[:user][:auth_uid]), :status => :temporary_redirect
  46     end
  47   end
  48
  49   def destroy
  50     if current_user.deletion_allowed?
  51       current_user.soft_destroy!
  52
  53       session.delete(:user)
  54       session_expires_automatically
  55
  56       flash[:notice] = t ".success"
  57       redirect_to root_path
  58     else
  59       head :bad_request
  60     end
  61   end
  62 end