82 lines
2.2 KiB
Ruby
82 lines
2.2 KiB
Ruby
class UsersController < ApplicationController
|
|
require_unregistered_user only: %i[new create]
|
|
|
|
before_action :set_user, only: %i[ show edit update destroy ]
|
|
|
|
# GET /users or /users.json
|
|
def index
|
|
@users = User.all
|
|
end
|
|
|
|
# GET /users/1 or /users/1.json
|
|
def show
|
|
end
|
|
|
|
# GET /users/new
|
|
def new
|
|
@user = User.new
|
|
end
|
|
|
|
# GET /users/1/edit
|
|
def edit
|
|
end
|
|
|
|
# POST /users or /users.json
|
|
def create
|
|
@user = User.new(user_params)
|
|
|
|
respond_to do |format|
|
|
if ENV["REGISTRATION_ALLOWED"].blank?
|
|
format.html { redirect_to new_session_url, alert: "Registration disabled." }
|
|
format.json { render json: @user.errors, status: :unprocessable_entity }
|
|
elsif @user.save
|
|
@session = Session.new(session_params).save
|
|
session[:current_user_id] = @session.user_id
|
|
|
|
format.html { redirect_to user_url(@user), notice: "User was successfully created." }
|
|
format.json { render :show, status: :created, location: @user }
|
|
else
|
|
format.html { render :new, status: :unprocessable_entity }
|
|
format.json { render json: @user.errors, status: :unprocessable_entity }
|
|
end
|
|
end
|
|
end
|
|
|
|
# PATCH/PUT /users/1 or /users/1.json
|
|
def update
|
|
respond_to do |format|
|
|
if @user.update(user_params)
|
|
format.html { redirect_to user_url(@user), notice: "User was successfully updated." }
|
|
format.json { render :show, status: :ok, location: @user }
|
|
else
|
|
format.html { render :edit, status: :unprocessable_entity }
|
|
format.json { render json: @user.errors, status: :unprocessable_entity }
|
|
end
|
|
end
|
|
end
|
|
|
|
# DELETE /users/1 or /users/1.json
|
|
def destroy
|
|
@user.destroy!
|
|
|
|
respond_to do |format|
|
|
format.html { redirect_to users_url, notice: "User was successfully destroyed." }
|
|
format.json { head :no_content }
|
|
end
|
|
end
|
|
|
|
private
|
|
# Use callbacks to share common setup or constraints between actions.
|
|
def set_user
|
|
@user = User.find(params[:id])
|
|
end
|
|
|
|
# Only allow a list of trusted parameters through.
|
|
def user_params
|
|
params.require(:user).permit(:email, :password, :password_confirmation)
|
|
end
|
|
|
|
def session_params
|
|
user_params.slice(:email, :password)
|
|
end
|
|
end
|