From 7ab98b95e1b90620c24ab6d497a4802c677b5e95 Mon Sep 17 00:00:00 2001 From: nilsding Date: Mon, 3 Nov 2014 13:21:41 +0100 Subject: [PATCH] hhh --- app/controllers/#application_controller.rb# | 15 +++++++++++++++ app/controllers/user_controller.rb | 8 ++++++++ config/routes.rb | 5 +++-- 3 files changed, 26 insertions(+), 2 deletions(-) create mode 100644 app/controllers/#application_controller.rb# diff --git a/app/controllers/#application_controller.rb# b/app/controllers/#application_controller.rb# new file mode 100644 index 00000000..fbe8b9d1 --- /dev/null +++ b/app/controllers/#application_controller.rb# @@ -0,0 +1,15 @@ +class ApplicationController < ActionController::Base + # Prevent CSRF attacks by raising an exception. + # For APIs, you may want to use :null_session instead. + protect_from_forgery with: :exception + + before_filter :configure_permitted_parameters, if: :devise_controller? + + protected + + def configure_permitted_parameters + devise_parameter_sanitizer.for(:sign_up) { |u| u.permit(:screen_name, :email, :password, :password_confirmation, :remember_me) } + devise_parameter_sanitizer.for(:sign_in) { |u| u.permit(:login, :screen_name, :email, :password, :remember_me) } + devise_parameter_sanitizer.for(:account_update) { |u| u.permit(:screen_name, :email, :password, :password_confirmation, :current_password) } + end +end diff --git a/app/controllers/user_controller.rb b/app/controllers/user_controller.rb index 52a1d24e..09d879b5 100644 --- a/app/controllers/user_controller.rb +++ b/app/controllers/user_controller.rb @@ -4,5 +4,13 @@ class UserController < ApplicationController end def edit + + end + + def update + params.permit(:display_name) + current_user.display_name = params[:display_name] + current_user.save! + redirect_to edit_user_profile_path end end diff --git a/config/routes.rb b/config/routes.rb index db052a55..2d809d99 100644 --- a/config/routes.rb +++ b/config/routes.rb @@ -15,13 +15,14 @@ Rails.application.routes.draw do post '/user/create' => 'devise/registrations#create', as: :user_registration get '/sign_up' => 'devise/registrations#new', as: :new_user_registration get '/settings/account' => 'devise/registrations#edit', as: :edit_user_registration - patch '/settings/account' => 'devise/registrations#update' + patch '/settings/account' => 'devise/registrations#update', as: :update_user_registration put '/settings/account' => 'devise/registrations#update' delete '/settings/account' => 'devise/registrations#destroy' end match '/settings/profile', to: 'user#edit', via: 'get', as: :edit_user_profile - + match '/settings/profile', to: 'user#update', via: 'patch', as: :update_user_profile + match '/user/:username', to: 'user#show', via: 'get' match '/@:username', to: 'user#show', via: 'get', as: :show_user_profile_at match '/:username', to: 'user#show', via: 'get', as: :show_user_profile