]> git.openstreetmap.org Git - rails.git/blob - app/controllers/accounts_controller.rb
Merge remote-tracking branch 'upstream/pull/4605'
[rails.git] / app / controllers / accounts_controller.rb
1 class AccountsController < ApplicationController
2   include SessionMethods
3   include UserMethods
4
5   layout "site"
6
7   before_action :authorize_web
8   before_action :set_locale
9
10   authorize_resource :class => false
11
12   before_action :check_database_readable
13   before_action :check_database_writable, :only => [:update]
14
15   allow_thirdparty_images :only => [:edit, :update]
16   allow_social_login :only => [:edit, :update]
17
18   def edit
19     @tokens = current_user.oauth_tokens.authorized
20
21     if errors = session.delete(:user_errors)
22       errors.each do |attribute, error|
23         current_user.errors.add(attribute, error)
24       end
25     end
26     @title = t ".title"
27   end
28
29   def update
30     @tokens = current_user.oauth_tokens.authorized
31
32     user_params = params.require(:user).permit(:display_name, :new_email, :pass_crypt, :pass_crypt_confirmation, :auth_provider)
33
34     if params[:user][:auth_provider].blank? ||
35        (params[:user][:auth_provider] == current_user.auth_provider &&
36         params[:user][:auth_uid] == current_user.auth_uid)
37       update_user(current_user, user_params)
38       if current_user.errors.count.zero?
39         redirect_to edit_account_path
40       else
41         render :edit
42       end
43     else
44       session[:new_user_settings] = user_params.to_h
45       redirect_to auth_url(params[:user][:auth_provider], params[:user][:auth_uid]), :status => :temporary_redirect
46     end
47   end
48
49   def destroy
50     if current_user.deletion_allowed?
51       current_user.soft_destroy!
52
53       session.delete(:user)
54       session_expires_automatically
55
56       flash[:notice] = t ".success"
57       redirect_to root_path
58     else
59       head :bad_request
60     end
61   end
62 end