diff options
Diffstat (limited to 'app/controllers/users_controller.rb')
-rw-r--r-- | app/controllers/users_controller.rb | 62 |
1 files changed, 57 insertions, 5 deletions
diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb index 58bf4c6..37c84ae 100644 --- a/app/controllers/users_controller.rb +++ b/app/controllers/users_controller.rb @@ -1,7 +1,32 @@ +# Copyright (C) 2014 Andrew Murrell +# Copyright (C) 2014 Davis Webb +# Copyright (C) 2014 Guntas Grewal +# Copyright (C) 2014 Luke Shumaker +# Copyright (C) 2014 Nathaniel Foy +# Copyright (C) 2014 Tomer Kimia +# +# This file is part of Leaguer. +# +# Leaguer is free software: you can redistribute it and/or modify +# it under the terms of the GNU Affero General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# Leaguer is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU Affero General Public License for more details. +# +# You should have received a copy of the Affero GNU General Public License +# along with Leaguer. If not, see <http://www.gnu.org/licenses/>. + class UsersController < ApplicationController - before_action :set_user, only: [:show, :edit, :update, :destroy] + + require 'httparty' + require 'json' # GET /users + # GET /users.json def index @users = User.all @@ -25,13 +50,26 @@ class UsersController < ApplicationController # POST /users.json def create @user = User.new(user_params) + unless (true) # simple_captcha_valid?) + respond_to do |format| + format.html { render action: 'new', status: :unprocessable_entity } + format.json { render json: @user.errors, status: :unprocessable_entity } + end + return + end respond_to do |format| if @user.save - format.html { redirect_to @user, notice: 'User was successfully created.' } + sign_in @user + if @user.id == 1 + # This is the first user, so give them all the power + @user.permissions = 0x7FFFFFFF + @user.save + end + format.html { redirect_to root_path, notice: 'User was successfully created.' } format.json { render action: 'show', status: :created, location: @user } else - format.html { render action: 'new' } + format.html { render action: 'new', status: :unprocessable_entity } format.json { render json: @user.errors, status: :unprocessable_entity } end end @@ -40,8 +78,17 @@ class UsersController < ApplicationController # PATCH/PUT /users/1 # PATCH/PUT /users/1.json def update + ok = true + if params[:user][:remote_usernames].nil? + ok &= @user.update(user_params) + else + params[:user][:remote_usernames].each do |game_name,user_name| + game = Game.find_by_name(game_name) + Sampling::RiotApi::set_remote_name(@user, game, user_name) + end + end respond_to do |format| - if @user.update(user_params) + if ok format.html { redirect_to @user, notice: 'User was successfully updated.' } format.json { head :no_content } else @@ -61,6 +108,7 @@ class UsersController < ApplicationController end end + private # Use callbacks to share common setup or constraints between actions. def set_user @@ -69,6 +117,10 @@ class UsersController < ApplicationController # Never trust parameters from the scary internet, only allow the white list through. def user_params - params.require(:user).permit(:name, :email, :user_name) + permitted = [ :name, :email, :user_name, :password, :password_confirmation ] + if current_user.can? :edit_permissions + permitted.push(:abilities => User.permission_bits.keys) + end + params.require(:user).permit(permitted) end end |