evolix
/
evodata
21
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
evodata/app/controllers/users_controller.rb

85 lines
2.0 KiB
Ruby
Raw Blame History

class UsersController < ApplicationController
before_action :set_user, only: %i[show edit update destroy]
# GET /users or /users.json
def index
authorize User
# @users = policy_scope(User)
@users = User.all
end
# GET /users/1 or /users/1.json
def show
authorize @user
end
# GET /users/new
def new
@user = User.new
end
# GET /users/1/edit
def edit
authorize @user
end
# POST /users or /users.json
def create
@user = User.new(user_params)
authorize @user
respond_to do |format|
if @user.save
format.html { redirect_to user_url(@user), notice: "User was successfully created." }
format.json { render :show, status: :created, location: @user }
else
format.html { render :new, status: :unprocessable_entity }
format.json { render json: @user.errors, status: :unprocessable_entity }
end
end
end
# PATCH/PUT /users/1 or /users/1.json
def update
authorize @user
respond_to do |format|
if @user.update(user_params)
if @user.unconfirmed? && params.fetch(:user, {}).fetch(:confirm, "0") == "1"
@user.confirm!
end
format.html { redirect_to user_url(@user), notice: "User was successfully updated." }
format.json { render :show, status: :ok, location: @user }
else
format.html { render :edit, status: :unprocessable_entity }
format.json { render json: @user.errors, status: :unprocessable_entity }
end
end
end
# DELETE /users/1 or /users/1.json
def destroy
@user.destroy
authorize @user
respond_to do |format|
format.html { redirect_to users_url, notice: "User was successfully destroyed." }
format.json { head :no_content }
end
end
private
# Use callbacks to share common setup or constraints between actions.
def set_user
@user = User.find(params[:id])
end
# Only allow a list of trusted parameters through.
def user_params
params.require(:user).permit(:name, :email, :admin)
end
end
Reference in New Issue View Git Blame Copy Permalink