app/controllers/users/registrations_controller.rb from bcgoss/census

app/controllers/users/registrations_controller.rb
Summary

Maintainability

0 mins
Test Coverage

Issues
class Users::RegistrationsController < Devise::RegistrationsController
# before_action :configure_sign_up_params, only: [:create]
# before_action :configure_account_update_params, only: [:update]

  # GET /resource/sign_up
  def new
    if params[:invite_code]
      invitation = invitation(params[:invite_code])
      if invitation
        @user = User.new(email: invitation.email)
        @user.skip_confirmation!
        session[:invitation_code] = invitation.invitation_code
        render :new
      else
        render file: "/public/404", status: 404, layout: false
      end
    else
      render file: "/public/404", status: 404, layout: false
    end
  end

  # POST /resource
  def create
    if valid_invitation_code?
      @user= User.new(invited_user_params)
      @user.roles << invitation(session[:invitation_code]).role
      @user.skip_confirmation!
      if @user.save
        session[:invitation_code] = nil
        flash[:info] = 'You have succesfully signed up! Please log in to continue.'
        redirect_to new_user_session_path
      else
        flash[:error] = @user.errors.full_messages.join(", ")
        redirect_to new_user_registration_path(invite_code: session[:invitation_code])
      end
    else
      super
    end
  end

  # GET /resource/edit
  # def edit
  #   super
  # end

  # PUT /resource
  # def update
  #   super
  # end

  # DELETE /resource
  # def destroy
  #   super
  # end

  # GET /resource/cancel
  # Forces the session data which is usually expired after sign
  # in to be expired now. This is useful if the user wants to
  # cancel oauth signing in/up in the middle of the process,
  # removing all OAuth session data.
  # def cancel
  #   super
  # end

  # protected

  # If you have extra params to permit, append them to the sanitizer.
  # def configure_sign_up_params
  #   devise_parameter_sanitizer.permit(:sign_up, keys: [:attribute])
  # end

  # If you have extra params to permit, append them to the sanitizer.
  # def configure_account_update_params
  #   devise_parameter_sanitizer.permit(:account_update, keys: [:attribute])
  # end

  # The path used after sign up.
  # def after_sign_up_path_for(resource)
  #   super(resource)
  # end

  # The path used after sign up for inactive accounts.
  # def after_inactive_sign_up_path_for(resource)
  #   super(resource)
  # end

  private

    def invitation(code)
      @invitation ||= Invitation.find_by(invitation_code: code)
    end
    def invited_user_params
      params.require(:user).permit(
        :email,
        :first_name,
        :last_name,
        :twitter,
        :linked_in,
        :git_hub,
        :slack,
        :cohort,
        :password,
        :password_confirmation
      )
    end

    def valid_invitation_code?
      invitation = invitation(session[:invitation_code])
      !!invitation && invitation.email == params[:user][:email]
    end
end