X-Git-Url: https://git.openstreetmap.org./rails.git/blobdiff_plain/a8e8ba1a64d4f82c74003b5fc05c6fc89a10cc65..e47187a8fb45c9372ad3a7422f96d357e087676d:/app/controllers/concerns/user_methods.rb

diff --git a/app/controllers/concerns/user_methods.rb b/app/controllers/concerns/user_methods.rb
index 9099b37c9..28305b5c3 100644
--- a/app/controllers/concerns/user_methods.rb
+++ b/app/controllers/concerns/user_methods.rb
@@ -3,18 +3,38 @@ module UserMethods
 
   private
 
+  ##
+  # ensure that there is a "user" instance variable
+  def lookup_user
+    @user = User.active.find_by!(:display_name => params[:display_name])
+  rescue ActiveRecord::RecordNotFound
+    render_unknown_user params[:display_name]
+  end
+
+  ##
+  # render a "no such user" page
+  def render_unknown_user(name)
+    @title = t "users.no_such_user.title"
+    @not_found_user = name
+
+    respond_to do |format|
+      format.html { render :template => "users/no_such_user", :status => :not_found, :layout => "site" }
+      format.all { head :not_found }
+    end
+  end
+
   ##
   # update a user's details
   def update_user(user, params)
-    user.display_name = params[:user][:display_name]
-    user.new_email = params[:user][:new_email]
+    user.display_name = params[:display_name]
+    user.new_email = params[:new_email]
 
-    unless params[:user][:pass_crypt].empty? && params[:user][:pass_crypt_confirmation].empty?
-      user.pass_crypt = params[:user][:pass_crypt]
-      user.pass_crypt_confirmation = params[:user][:pass_crypt_confirmation]
+    unless params[:pass_crypt].empty? && params[:pass_crypt_confirmation].empty?
+      user.pass_crypt = params[:pass_crypt]
+      user.pass_crypt_confirmation = params[:pass_crypt_confirmation]
     end
 
-    if params[:user][:auth_provider].nil? || params[:user][:auth_provider].blank?
+    if params[:auth_provider].nil? || params[:auth_provider].blank?
       user.auth_provider = nil
       user.auth_uid = nil
     end
@@ -25,13 +45,15 @@ module UserMethods
       if user.new_email.blank? || user.new_email == user.email
         flash[:notice] = t "accounts.update.success"
       else
+        token = user.generate_token_for(:new_email)
+
         user.email = user.new_email
 
         if user.valid?
           flash[:notice] = t "accounts.update.success_confirm_needed"
 
           begin
-            UserMailer.email_confirm(user, user.tokens.create).deliver_later
+            UserMailer.email_confirm(user, token).deliver_later
           rescue StandardError
             # Ignore errors sending email
           end