Class: Api::V1::UsersController

Inherits:
BaseController
Defined in:
app/controllers/api/v1/users_controller.rb

Direct Known Subclasses

Api::V2::UsersController

Instance Method Summary

Methods included from Api::Version1

#api_version

Methods inherited from BaseController

#get_resource, #resource_class, #resource_name, #resource_scope

Methods included from Foreman::ThreadSession::Cleaner

#clear_thread, included

Instance Method Details

#create ⇒ Object


# File 'app/controllers/api/v1/users_controller.rb', line 38

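# Creates a user from params[:user] and renders the outcome.
#
# The :admin key is removed from the submitted attributes before mass
# assignment and is applied only when the calling user is an administrator,
# the same rule #update enforces. Without that check any caller able to reach
# this action could create an administrator account.
#
# NOTE(review): other privilege-bearing attributes (role assignments, for
# example) still travel through mass assignment here; confirm the model's
# attribute protection covers them.
def create
  requested_admin = params[:user].delete(:admin)
  # A missing current user is treated as a non-admin caller.
  caller_is_admin = User.current && User.current.admin
  @user = User.new(params[:user]) do |u|
    # Only an admin may decide the admin flag of a new account.
    u.admin = requested_admin if caller_is_admin
  end
  if @user.save
    # Every saved user ends up holding the "Anonymous" role.
    @user.roles << Role.find_by_name("Anonymous") unless @user.roles.map(&:name).include? "Anonymous"
    process_success
  else
    process_resource_error
  end
end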

#destroy ⇒ Object


# File 'app/controllers/api/v1/users_controller.rb', line 87

# Deletes @user, refusing when the target is the account making the request.
#
# Self-deletion is the only check made in this method.
# NOTE(review): permission to delete other users is presumably enforced by
# filters outside this listing; confirm.
def destroy
  return deny_access("You are trying to delete your own account") if @user == User.current

  outcome = @user.destroy
  process_response outcome
end

#index ⇒ Object


# File 'app/controllers/api/v1/users_controller.rb', line 12

# Lists users: runs User.search_for with the values from search_options, then
# paginates the result with paginate_options and stores it in @users.
#
# NOTE(review): no per-caller restriction of the result set is visible in this
# method; confirm that access control is applied by filters or by the helpers
# that build the options.
def index
  matches = User.search_for(*search_options)
  @users = matches.paginate(paginate_options)
end

#show ⇒ Object


# File 'app/controllers/api/v1/users_controller.rb', line 19

# Returns the user held in @user.
#
# The record is not loaded here.
# NOTE(review): @user is presumably set by a filter outside this listing
# (#get_resource is listed as inherited from BaseController); confirm.
def show
  @user
end

#update ⇒ Object


# File 'app/controllers/api/v1/users_controller.rb', line 65

# Updates @user from params[:user] and renders the outcome.
#
# The :admin key is always taken out of the submitted attributes, so it never
# goes through mass assignment. It is written separately, and only when the
# calling user is an admin and a value was actually submitted.
#
# When a user edits their own account, every key outside the short allowlist
# below is dropped before the update.
#
# NOTE(review): when the target is a different user, the remaining keys are
# passed to update_attributes unfiltered; confirm the model's attribute
# protection covers privilege-bearing fields such as role assignments.
def update
  user_attrs = params[:user]
  admin = user_attrs.delete(:admin) if user_attrs.has_key?(:admin)

  # Remove keys for restricted variables when the user is editing their own account
  if @user == User.current
    self_editable = %w{password_confirmation password mail firstname lastname}
    user_attrs.keys.each do |key|
      user_attrs.delete(key) unless self_editable.include?(key)
    end
  end

  return process_resource_error unless @user.update_attributes(user_attrs)

  # Only an admin can update the admin attribute of another user.
  # A separate write is required because the admin key was removed above.
  @user.update_attribute(:admin, admin) if User.current.admin && !admin.nil?

  has_anonymous = @user.roles.map(&:name).include?("Anonymous")
  @user.roles << Role.find_by_name("Anonymous") unless has_anonymous
  process_success
end