gitlab-org--gitlab-foss/app/controllers/profiles_controller.rb

class ProfilesController < ApplicationController
  include ActionView::Helpers::SanitizeHelper

  before_filter :user
  before_filter :authorize_change_username!, only: :update_username
  skip_before_filter :require_email, only: [:show, :update]

  layout 'profile'

  def show
  end

  def design
  end

  def update
    user_params.except!(:email) if @user.ldap_user?

    if @user.update_attributes(user_params)
      flash[:notice] = "Profile was successfully updated"
    else
      flash[:alert] = "Failed to update profile"
    end

    respond_to do |format|
      format.html { redirect_to :back }
      format.js
    end
  end

  def reset_private_token
    if current_user.reset_authentication_token!
      flash[:notice] = "Token was successfully updated"
    end

    redirect_to profile_account_path
  end

  def history
    @events = current_user.recent_events.page(params[:page]).per(20)
  end

  def update_username
    @user.update_attributes(username: user_params[:username])

    respond_to do |format|
      format.js
    end
  end

  private

  def user
    @user = current_user
  end

  def authorize_change_username!
    return render_404 unless @user.can_change_username?
  end

  def user_params
    params.require(:user).permit(
      :email, :password, :password_confirmation, :bio, :name, :username,
      :skype, :linkedin, :twitter, :website_url, :color_scheme_id, :theme_id,
      :avatar, :hide_no_ssh_key,
    )
  end
end
Refactored profile to resource. Added missing flash notice on successfull updated. Update username via ajax 2012-12-02 11:29:24 +00:00			`class ProfilesController < ApplicationController`
Sanitize user profile input 2013-02-25 20:51:15 +00:00			`include ActionView::Helpers::SanitizeHelper`

Backend Refactoring 2012-07-31 05:32:49 +00:00			`before_filter :user`
Dont allow LDAP users to change password inside GitLab 2013-05-24 14:12:27 +00:00			`before_filter :authorize_change_username!, only: :update_username`
Allow oauth signup without email Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> 2014-04-07 11:09:29 +00:00			`skip_before_filter :require_email, only: [:show, :update]`
Dont allow LDAP users to change password inside GitLab 2013-05-24 14:12:27 +00:00
Refactored profile to resource. Added missing flash notice on successfull updated. Update username via ajax 2012-12-02 11:29:24 +00:00			`layout 'profile'`
Backend Refactoring 2012-07-31 05:32:49 +00:00
init commit 2011-10-08 21:36:38 +00:00			`def show`
			`end`

Design tab for profile. Colorscheme as db value 2011-12-20 20:47:09 +00:00			`def design`
			`end`

			`def update`
Make app works with strong params Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> 2014-06-26 20:24:17 +00:00			`user_params.except!(:email) if @user.ldap_user?`
Read-only email field for LDAP user Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> 2013-11-27 08:32:37 +00:00
User model to strong params. Comment other attr_accessible to let tests run Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> 2014-06-26 12:11:45 +00:00			`if @user.update_attributes(user_params)`
Refactored profile to resource. Added missing flash notice on successfull updated. Update username via ajax 2012-12-02 11:29:24 +00:00			`flash[:notice] = "Profile was successfully updated"`
			`else`
			`flash[:alert] = "Failed to update profile"`
			`end`
Improve user feedback on the Profile > Design page - Header changes immediately without a page reload - Lets the user know that we actually saved their setting when changed 2012-11-21 20:01:40 +00:00
			`respond_to do \|format\|`
			`format.html { redirect_to :back }`
			`format.js`
			`end`
extended user profile with social fields 2011-10-19 22:34:05 +00:00			`end`

allow user to reset his private token 2011-11-15 13:08:20 +00:00			`def reset_private_token`
Refactored profile to resource. Added missing flash notice on successfull updated. Update username via ajax 2012-12-02 11:29:24 +00:00			`if current_user.reset_authentication_token!`
			`flash[:notice] = "Token was successfully updated"`
			`end`

Restyle Profile#Account page 2013-10-09 13:37:37 +00:00			`redirect_to profile_account_path`
allow user to reset his private token 2011-11-15 13:08:20 +00:00			`end`
Backend Refactoring 2012-07-31 05:32:49 +00:00
Refactored profile area 2012-09-14 16:13:25 +00:00			`def history`
			`@events = current_user.recent_events.page(params[:page]).per(20)`
			`end`

Refactored profile to resource. Added missing flash notice on successfull updated. Update username via ajax 2012-12-02 11:29:24 +00:00			`def update_username`
User model to strong params. Comment other attr_accessible to let tests run Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> 2014-06-26 12:11:45 +00:00			`@user.update_attributes(username: user_params[:username])`
Refactored profile to resource. Added missing flash notice on successfull updated. Update username via ajax 2012-12-02 11:29:24 +00:00
			`respond_to do \|format\|`
			`format.js`
			`end`
			`end`

Refactored profile area 2012-09-14 16:13:25 +00:00			`private`
Backend Refactoring 2012-07-31 05:32:49 +00:00
			`def user`
			`@user = current_user`
			`end`
Sanitize user profile input 2013-02-25 20:51:15 +00:00
Dont allow LDAP users to change password inside GitLab 2013-05-24 14:12:27 +00:00			`def authorize_change_username!`
			`return render_404 unless @user.can_change_username?`
			`end`
User model to strong params. Comment other attr_accessible to let tests run Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> 2014-06-26 12:11:45 +00:00
			`def user_params`
			`params.require(:user).permit(`
			`:email, :password, :password_confirmation, :bio, :name, :username,`
			`:skype, :linkedin, :twitter, :website_url, :color_scheme_id, :theme_id,`
			`:avatar, :hide_no_ssh_key,`
			`)`
			`end`
init commit 2011-10-08 21:36:38 +00:00			`end`