gitlab-org--gitlab-foss/app/controllers/profiles_controller.rb

class ProfilesController < Profiles::ApplicationController
  include ActionView::Helpers::SanitizeHelper

  before_action :user
  before_action :authorize_change_username!, only: :update_username
  skip_before_action :require_email, only: [:show, :update]

  def show
  end

  def applications
    @applications = current_user.oauth_applications
    @authorized_tokens = current_user.oauth_authorized_tokens
    @authorized_apps = @authorized_tokens.map(&:application).uniq
  end

  def update
    user_params.except!(:email) if @user.ldap_user?

    if @user.update_attributes(user_params)
      flash[:notice] = "Profile was successfully updated"
    else
      messages = @user.errors.full_messages.uniq.join('. ')
      flash[:alert] = "Failed to update profile. #{messages}"
    end

    respond_to do |format|
      format.html { redirect_to :back }
    end
  end

  def reset_private_token
    if current_user.reset_authentication_token!
      flash[:notice] = "Token was successfully updated"
    end

    redirect_to profile_account_path
  end

  def history
    @events = current_user.recent_events.page(params[:page]).per(PER_PAGE)
  end

  def update_username
    @user.update_attributes(username: user_params[:username])

    respond_to do |format|
      format.js
    end
  end

  private

  def user
    @user = current_user
  end

  def authorize_change_username!
    return render_404 unless @user.can_change_username?
  end

  def user_params
    params.require(:user).permit(
      :avatar,
      :bio,
      :email,
      :hide_no_password,
      :hide_no_ssh_key,
      :linkedin,
      :location,
      :name,
      :password,
      :password_confirmation,
      :public_email,
      :skype,
      :twitter,
      :username,
      :website_url
    )
  end
end
Add a page title to every page. 2015-04-30 17:06:18 +00:00			`class ProfilesController < Profiles::ApplicationController`
Sanitize user profile input 2013-02-25 20:51:15 +00:00			`include ActionView::Helpers::SanitizeHelper`

Fixed the Rails/ActionFilter cop Signed-off-by: Jeroen van Baarsen <jeroenvanbaarsen@gmail.com> 2015-04-16 12:03:37 +00:00			`before_action :user`
			`before_action :authorize_change_username!, only: :update_username`
			`skip_before_action :require_email, only: [:show, :update]`
Dont allow LDAP users to change password inside GitLab 2013-05-24 14:12:27 +00:00
init commit 2011-10-08 21:36:38 +00:00			`def show`
			`end`

Rework oauth2 feature * improve UI * add authorization * add separate page for oauth applications Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> 2014-12-25 16:35:04 +00:00			`def applications`
			`@applications = current_user.oauth_applications`
			`@authorized_tokens = current_user.oauth_authorized_tokens`
Use shorter map() syntax 2015-02-16 03:50:53 +00:00			`@authorized_apps = @authorized_tokens.map(&:application).uniq`
Rework oauth2 feature * improve UI * add authorization * add separate page for oauth applications Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> 2014-12-25 16:35:04 +00:00			`end`

Design tab for profile. Colorscheme as db value 2011-12-20 20:47:09 +00:00			`def update`
Make app works with strong params Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> 2014-06-26 20:24:17 +00:00			`user_params.except!(:email) if @user.ldap_user?`
Read-only email field for LDAP user Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> 2013-11-27 08:32:37 +00:00
User model to strong params. Comment other attr_accessible to let tests run Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> 2014-06-26 12:11:45 +00:00			`if @user.update_attributes(user_params)`
Refactored profile to resource. Added missing flash notice on successfull updated. Update username via ajax 2012-12-02 11:29:24 +00:00			`flash[:notice] = "Profile was successfully updated"`
			`else`
Add error message when have error on profile screen 2015-03-19 02:18:35 +00:00			`messages = @user.errors.full_messages.uniq.join('. ')`
			`flash[:alert] = "Failed to update profile. #{messages}"`
Refactored profile to resource. Added missing flash notice on successfull updated. Update username via ajax 2012-12-02 11:29:24 +00:00			`end`
Improve user feedback on the Profile > Design page - Header changes immediately without a page reload - Lets the user know that we actually saved their setting when changed 2012-11-21 20:01:40 +00:00
			`respond_to do \|format\|`
			`format.html { redirect_to :back }`
			`end`
extended user profile with social fields 2011-10-19 22:34:05 +00:00			`end`

allow user to reset his private token 2011-11-15 13:08:20 +00:00			`def reset_private_token`
Refactored profile to resource. Added missing flash notice on successfull updated. Update username via ajax 2012-12-02 11:29:24 +00:00			`if current_user.reset_authentication_token!`
			`flash[:notice] = "Token was successfully updated"`
			`end`

Restyle Profile#Account page 2013-10-09 13:37:37 +00:00			`redirect_to profile_account_path`
allow user to reset his private token 2011-11-15 13:08:20 +00:00			`end`
Backend Refactoring 2012-07-31 05:32:49 +00:00
Refactored profile area 2012-09-14 16:13:25 +00:00			`def history`
Use same constant for amount of items per page 2015-03-12 22:37:00 +00:00			`@events = current_user.recent_events.page(params[:page]).per(PER_PAGE)`
Refactored profile area 2012-09-14 16:13:25 +00:00			`end`

Refactored profile to resource. Added missing flash notice on successfull updated. Update username via ajax 2012-12-02 11:29:24 +00:00			`def update_username`
User model to strong params. Comment other attr_accessible to let tests run Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> 2014-06-26 12:11:45 +00:00			`@user.update_attributes(username: user_params[:username])`
Refactored profile to resource. Added missing flash notice on successfull updated. Update username via ajax 2012-12-02 11:29:24 +00:00
			`respond_to do \|format\|`
			`format.js`
			`end`
			`end`

Refactored profile area 2012-09-14 16:13:25 +00:00			`private`
Backend Refactoring 2012-07-31 05:32:49 +00:00
			`def user`
			`@user = current_user`
			`end`
Sanitize user profile input 2013-02-25 20:51:15 +00:00
Dont allow LDAP users to change password inside GitLab 2013-05-24 14:12:27 +00:00			`def authorize_change_username!`
			`return render_404 unless @user.can_change_username?`
			`end`
User model to strong params. Comment other attr_accessible to let tests run Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> 2014-06-26 12:11:45 +00:00
			`def user_params`
			`params.require(:user).permit(`
Move the "Design" templates and logic to Preferences 2015-06-05 17:57:01 +00:00			`:avatar,`
			`:bio,`
			`:email,`
			`:hide_no_password,`
			`:hide_no_ssh_key,`
			`:linkedin,`
			`:location,`
			`:name,`
			`:password,`
			`:password_confirmation,`
			`:public_email,`
			`:skype,`
			`:twitter,`
			`:username,`
			`:website_url`
User model to strong params. Comment other attr_accessible to let tests run Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> 2014-06-26 12:11:45 +00:00			`)`
			`end`
init commit 2011-10-08 21:36:38 +00:00			`end`