Advertisement
Guest User

UsersController

a guest
Sep 17th, 2013
127
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Ruby 2.15 KB | None | 0 0
  1. class UsersController < ApplicationController
  2.   skip_before_action :authorize, only: [:new, :create]
  3.  
  4.   before_action :set_user, only: [:update, :destroy]
  5.   before_action :ensure_permission, only: [:update, :destroy]
  6.  
  7.   def new
  8.     @track = true
  9.     @user = User.new
  10.     if params[:coupon]
  11.       @coupon = Coupon.where(coupon_code: params[:coupon]).first
  12.       @coupon_valid = @coupon.present? && !@coupon.redeemed
  13.       @user.coupon_code = params[:coupon]
  14.     end
  15.     if !ENV['STRIPE_API_KEY'] || params[:coupon]
  16.       @user.plan_id = Plan.find_by_stripe_id('free').id
  17.     end
  18.   end
  19.  
  20.   def create
  21.     @user = User.new(user_params)
  22.     @user.update_auth_token = true
  23.  
  24.     coupon_valid = false
  25.     if user_params['coupon_code']
  26.       coupon = Coupon.find_by_coupon_code(user_params['coupon_code'])
  27.       coupon_valid = (coupon.present? && !coupon.redeemed)
  28.     end
  29.    
  30.     if coupon_valid || !ENV['STRIPE_API_KEY']
  31.       @user.free_ok = true
  32.     end
  33.    
  34.     if params[:user] && params[:user][:password]
  35.       @user.password_confirmation = params[:user][:password]
  36.     end
  37.    
  38.     if @user.save
  39.       sign_in @user
  40.       redirect_to root_url
  41.     else
  42.       render "new"
  43.     end
  44.   end
  45.  
  46.   def update
  47.     @user.update_auth_token = true
  48.     @user.old_password_valid = @user.authenticate(params[:user][:old_password])
  49.     @user.free_ok = (@user.plan.stripe_id == 'free')
  50.     @user.attributes = user_params
  51.     if params[:user] && params[:user][:password]
  52.       @user.password_confirmation = params[:user][:password]
  53.     end
  54.     if @user.save
  55.       sign_in @user
  56.       redirect_to settings_account_path, notice: 'Account updated.'
  57.     else
  58.       redirect_to settings_account_path, alert: @user.errors.full_messages.join('. ') + '.'
  59.     end
  60.   end  
  61.  
  62.   def destroy
  63.     @user.destroy
  64.     redirect_to root_url
  65.   end
  66.  
  67.   private
  68.  
  69.   def set_user
  70.     @user = current_user
  71.   end
  72.  
  73.   def ensure_permission
  74.     unless @user.id == current_user.id || current_user.admin
  75.       render_404
  76.     end
  77.   end
  78.  
  79.   def user_params
  80.     params.require(:user).permit(:email, :password, :stripe_token, :coupon_code, :plan_id)
  81.   end
  82.  
  83.    
  84. end
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement