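# CRUD controller for User accounts (HTML and JSON responses).
#
# Access rules enforced by the callbacks below:
# * edit/update/destroy require that the signed-in account is the account
#   named by params[:id];
# * new/create are only reachable when nobody is signed in;
# * index/show carry no check in this controller.
class UsersController < ApplicationController
  # before_action is used throughout: before_filter is the deprecated alias
  # (removed in Rails 5.1) and the file already relied on before_action.
  before_action :this_user, only: [:edit, :update, :destroy]
  before_action :unauthenticated, only: [:create, :new]
  before_action :set_user, only: [:show, :edit, :update, :destroy]

  # GET /users
  # GET /users.json
  # NOTE(review): lists every account with no authentication check; which
  # attributes are exposed depends on the views, which are not shown here.
  def index
    @users = User.all
  end

  # GET /users/1
  # GET /users/1.json
  def show
  end

  # GET /users/new
  def new
    @user = User.new
  end

  # GET /users/1/edit
  def edit
  end

  # POST /users
  # POST /users.json
  def create
    # user_params builds a fresh parameters object on every call, so the
    # normalised username has to be written to the same object that is
    # handed to User.new; assigning to one call's result and then calling
    # user_params again discards the change.
    attributes = user_params
    username = attributes[:username]
    # A missing or non-string username is left untouched so that model
    # validation reports it instead of raising NoMethodError here.
    attributes[:username] = username.downcase if username.respond_to?(:downcase)

    @user = User.new(attributes)
    respond_to do |format|
      if @user.save
        format.html { redirect_to @user, notice: 'User was successfully created.' }
        format.json { render :show, status: :created, location: @user }
      else
        format.html { render :new }
        format.json { render json: @user.errors, status: :unprocessable_entity }
      end
    end
  end

  # PATCH/PUT /users/1
  # PATCH/PUT /users/1.json
  def update
    respond_to do |format|
      if @user.update(user_params)
        format.html { redirect_to @user, notice: 'User was successfully updated.' }
        format.json { render :show, status: :ok, location: @user }
      else
        format.html { render :edit }
        format.json { render json: @user.errors, status: :unprocessable_entity }
      end
    end
  end

  # DELETE /users/1
  # DELETE /users/1.json
  # NOTE(review): session[:user_id] still refers to the deleted account after
  # this action; consider clearing the session here.
  def destroy
    @user.destroy
    respond_to do |format|
      format.html { redirect_to users_url }
      format.json { head :no_content }
    end
  end

  private

  # Use callbacks to share common setup or constraints between actions.
  def set_user
    @user = User.find(params[:id])
  end

  # Never trust parameters from the scary internet, only allow the white list through.
  def user_params
    params.require(:user).permit(:username, :email, :password, :password_confirmation)
  end

  # Sends an already signed-in visitor away from the sign-up actions.
  def unauthenticated
    redirect_to root_path if session[:user_id]
  end

  # Authorisation check for edit/update/destroy: responds 403 unless the
  # session belongs to an existing account AND that account is the one the
  # request targets. Being signed in is not sufficient on its own; without the
  # id comparison any account could modify or delete any other account.
  def this_user
    user = User.find_by id: session[:user_id]
    # Compared as strings because params[:id] arrives as text; a value that
    # does not match exactly is refused (fails closed).
    return if user && user.id.to_s == params[:id].to_s

    # head sends a body-less response; render nothing: true is deprecated.
    head :forbidden
  end
end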