api/lib/mno_enterprise/concerns/controllers/jpi/v1/current_users_controller.rb
module MnoEnterprise::Concerns::Controllers::Jpi::V1::CurrentUsersController
extend ActiveSupport::Concern
#==================================================================
# Included methods
#==================================================================
# 'included do' causes the included code to be evaluated in the
# context where it is included rather than being executed in the module's context
included do
before_filter :authenticate_user!, only: [:update, :update_password, :update_tos]
before_filter :user_management_enabled?, only: [:update, :update_password]
respond_to :json
end
#==================================================================
# Instance methods
#==================================================================
# GET /mnoe/jpi/v1/current_user
def show
@user = current_user || MnoEnterprise::User.new
end
# PUT /mnoe/jpi/v1/current_user
def update
@user = current_user
@user.assign_attributes(user_params)
changes = @user.changes
if @user.update(user_params)
MnoEnterprise::EventLogger.info('user_update', current_user.id, 'User update', @user, changes)
render :show
else
render json: @user.errors, status: :bad_request
end
end
# PUT /mnoe/jpi/v1/current_user/register_developer
def register_developer
@user = current_user
if @user.update(developer: true)
MnoEnterprise::EventLogger.info('register_developer', current_user.id, "Developer registration", @user)
render :show
else
render json: @user.errors, status: :bad_request
end
end
# PUT /mnoe/jpi/v1/current_user/update_password
def update_password
@user = current_user
if @user.update(password_params.merge(current_password_required: true))
MnoEnterprise::EventLogger.info('user_update_password', current_user.id, 'User password change', @user)
sign_in @user, bypass: true
render :show
else
render json: @user.errors, status: :bad_request
end
end
def update_tos
@user = current_user
if @user.update({ meta_data: { tos_accepted_at: Time.now } })
MnoEnterprise::EventLogger.info('user_update_tos_accepted_at', current_user.id, 'User accepted TOS', @user)
render :show
else
render json: @user.errors, status: :bad_request
end
end
private
def user_params
params.require(:user).permit(:name, :surname, :email, :company, :settings, :phone, :website, :phone_country_code, :current_password, :password, :password_confirmation)
end
def password_params
params.require(:user).permit(:current_password, :password, :password_confirmation)
end
def user_management_enabled?
return head :forbidden unless Settings.user_management.enabled
end
end