40 lines
900 B
Ruby
40 lines
900 B
Ruby
class UsersController < ApplicationController
|
|
|
|
before_filter :ensure_authenticated!, :only => [:edit, :update]
|
|
|
|
attr_reader :user
|
|
|
|
def show
|
|
if params[:username]
|
|
user = User.for_username!(params[:username])
|
|
else
|
|
user = User.find(params[:id])
|
|
end
|
|
|
|
render locals: { page: UserPagePresenter.build(user, current_user, params[:page]) }
|
|
end
|
|
|
|
def edit
|
|
authorize current_user
|
|
render locals: { page: UserEditPagePresenter.new(current_user) }
|
|
end
|
|
|
|
def update
|
|
authorize current_user
|
|
@user = User.find(current_user.id)
|
|
|
|
if user.update_attributes(update_params)
|
|
redirect_to profile_path(user), notice: 'Account settings saved.'
|
|
else
|
|
render :edit, status: 422, locals: { page: UserEditPagePresenter.new(user) }
|
|
end
|
|
end
|
|
|
|
private
|
|
|
|
def update_params
|
|
params.require(:user).permit(*policy(user).permitted_attributes)
|
|
end
|
|
|
|
end
|