hokui/hokui.net

View on GitHub
app/controllers/api/users_controller.rb

Summary

Maintainability
A
0 mins
Test Coverage
class Api::UsersController < Api::ApplicationController
  skip_before_action :require_login_with_token, only: [:create, :activate]
  before_action :set_user, only: [:show, :destroy, :approve]
  after_action :verify_authorized, except: [:create, :profile, :activate]

  def index
    @users = User.all
    authorize User
    render json: @users
  end

  def show
    authorize @user
    render json: @user
  end

  def create
    @user = User.new(user_params)
    if @user.save
      render json: @user, status: 201
    else
      render json: @user, status: 422
    end
  end

  def destroy
    authorize @user
    @user.destroy
    head 200
  end

  def activate
    params = ActionController::Parameters.new(JSON.parse(request.body.read))
    user = User.load_from_activation_token(params[:activation_token])
    if user
      user.activate!
      head 200
    else
      head 400
    end
  end

  def approve
    authorize @user
    @user.approve!
    head 200
  end

  private

  def set_user
    @user = User.find(params[:id])
  end

  def user_params
    ActionController::Parameters.new(JSON.parse(request.body.read))
      .permit(
        :email,
        :password,
        :family_name,
        :given_name,
        :handle_name,
        :birthday,
        :email_mobile,
        :class_year_id
      )
  end
end