forked from trvsdnn/roswell
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
7 changed files
with
88 additions
and
12 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Original file line | Diff line number | Diff line change |
---|---|---|---|
@@ -0,0 +1,21 @@ | |||
class UsersController < ApplicationController | |||
before_filter :authorize | |||
before_filter :authorize_me | |||
|
|||
def edit | |||
end | |||
|
|||
def update | |||
if @user.update_attributes params[:user] | |||
redirect_to edit_user_path(@user), :notice => "account updated" | |||
else | |||
render action: :edit | |||
end | |||
end | |||
|
|||
private | |||
def authorize_me | |||
@user = User.find(params[:id]) | |||
deny_access! if current_user.id != @user.id | |||
end | |||
end |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Original file line | Diff line number | Diff line change |
---|---|---|---|
@@ -0,0 +1,9 @@ | |||
<%= f.label :username %> | |||
<%= f.text_field :username %> | |||
<%= f.label :password %> | |||
<%= f.password_field :password %> | |||
<%= f.label :password_confirmation %> | |||
<%= f.password_field :password_confirmation %> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Original file line | Diff line number | Diff line change |
---|---|---|---|
@@ -0,0 +1,11 @@ | |||
<div class="page-header"> | |||
<h3>My account</h3> | |||
</div> | |||
|
|||
<div class="span6"> | |||
<%= form_for @user do |f| %> | |||
<%= render 'admin/users/form_fields', f: f %> | |||
<br /> | |||
<button type="submit" class="btn">Update</button> | |||
<% end %> | |||
</div> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Original file line | Diff line number | Diff line change |
---|---|---|---|
@@ -0,0 +1,41 @@ | |||
require "minitest_helper" | |||
|
|||
describe UsersController do | |||
let(:user) { FactoryGirl.create(:user) } | |||
before { sign_in user } | |||
|
|||
it "refuses to edit not me" do | |||
get :edit, id: FactoryGirl.create(:user) | |||
assert_redirected_to login_path | |||
end | |||
|
|||
it "accepts to edit me" do | |||
get :edit, id: user | |||
assert_response :success | |||
end | |||
|
|||
it "refuses to update not me" do | |||
post :update, id: FactoryGirl.create(:user), user: valid_attributes | |||
assert_redirected_to login_path | |||
end | |||
|
|||
it "updates me if attributes are valid" do | |||
post :update, id: user, user: valid_attributes | |||
user.reload | |||
assert_equal 'this_is_me', user.username | |||
assert_redirected_to user | |||
end | |||
|
|||
it "re-renders the form if attributes are not valid" do | |||
post :update, id: user, user: invalid_attributes | |||
assert_response :success | |||
end | |||
|
|||
|
|||
def valid_attributes | |||
{ username: 'this_is_me', password: 'secret_password', password_confirmation: 'secret_password' } | |||
end | |||
def invalid_attributes | |||
{ username: 'this_is_me', password: 'secret_password', password_confirmation: 'oups...' } | |||
end | |||
end |