diff options
Diffstat (limited to 'app/controllers/users_controller.rb')
-rw-r--r-- | app/controllers/users_controller.rb | 28 |
1 files changed, 17 insertions, 11 deletions
diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb index 58bf4c6..bcb45aa 100644 --- a/app/controllers/users_controller.rb +++ b/app/controllers/users_controller.rb @@ -1,7 +1,7 @@ class UsersController < ApplicationController - before_action :set_user, only: [:show, :edit, :update, :destroy] # GET /users + # GET /users.json def index @users = User.all @@ -24,15 +24,17 @@ class UsersController < ApplicationController # POST /users # POST /users.json def create - @user = User.new(user_params) - - respond_to do |format| - if @user.save - format.html { redirect_to @user, notice: 'User was successfully created.' } - format.json { render action: 'show', status: :created, location: @user } - else - format.html { render action: 'new' } - format.json { render json: @user.errors, status: :unprocessable_entity } + if simple_captcha_valid? + @user = User.new(user_params) + respond_to do |format| + if @user.save + sign_in @user + format.html { redirect_to root_path, notice: 'User was successfully created.' } + format.json { render action: 'show', status: :created, location: @user } + else + format.html { render action: 'new', status: :unprocessable_entity } + format.json { render json: @user.errors, status: :unprocessable_entity } + end end end end @@ -67,8 +69,12 @@ class UsersController < ApplicationController @user = User.find(params[:id]) end + def is_owner?(object) + object == current_user + end + # Never trust parameters from the scary internet, only allow the white list through. def user_params - params.require(:user).permit(:name, :email, :user_name) + params.require(:user).permit(:name, :email, :user_name, :password, :password_confirmation) end end |