11832cc07d
When customizing CONSUL, one of the most common actions is adding a new
field to a form.
This requires modifying the permitted/allowed parameters. However, in
most cases, the method returning these parameters returned an instance
of `ActionController::Parameters`, so adding more parameters to it
wasn't easy.
So customizing the code required copying the method returning those
parameters and adding the new ones. For example:
```
def something_params
params.require(:something).permit(
:one_consul_attribute,
:another_consul_attribute,
:my_custom_attribute
)
end
```
This meant that, if the `something_params` method changed in CONSUL, the
customization of this method had to be updated as well.
So we're extracting the logic returning the parameters to a method which
returns an array. Now this code can be customized without copying the
original method:
```
alias_method :consul_allowed_params, :allowed_params
def allowed_params
consul_allowed_params + [:my_custom_attribute]
end
```
62 lines
2.3 KiB
Ruby
62 lines
2.3 KiB
Ruby
class Users::ConfirmationsController < Devise::ConfirmationsController
|
|
# new action, PATCH does not exist in the default Devise::ConfirmationsController
|
|
# PATCH /resource/confirmation
|
|
def update
|
|
self.resource = resource_class.find_by(confirmation_token: params[:confirmation_token])
|
|
|
|
if resource.encrypted_password.blank?
|
|
resource.assign_attributes(resource_params)
|
|
|
|
if resource.valid? # password is set correctly
|
|
resource.save!
|
|
set_official_position if resource.has_official_email?
|
|
resource.confirm
|
|
set_flash_message(:notice, :confirmed) if is_flashing_format?
|
|
sign_in_and_redirect(resource_name, resource)
|
|
else
|
|
render :show
|
|
end
|
|
else
|
|
resource.errors.add(:email, :password_already_set)
|
|
respond_with_navigational(resource.errors, status: :unprocessable_entity) { render :new }
|
|
end
|
|
end
|
|
|
|
# GET /resource/confirmation?confirmation_token=abcdef
|
|
def show
|
|
# In the default implementation, this already confirms the resource:
|
|
# self.resource = self.resource = resource_class.confirm_by_token(params[:confirmation_token])
|
|
self.resource = resource_class.find_by!(confirmation_token: params[:confirmation_token])
|
|
|
|
yield resource if block_given?
|
|
|
|
# New condition added to if: when no password was given, display the "show" view (which uses "update" above)
|
|
if resource.encrypted_password.blank?
|
|
respond_with_navigational(resource) { render :show }
|
|
elsif resource.errors.empty?
|
|
set_official_position if resource.has_official_email?
|
|
resource.confirm # Last change: confirm happens here for people with passwords instead of af the top of the show action
|
|
set_flash_message(:notice, :confirmed) if is_flashing_format?
|
|
respond_with_navigational(resource) { redirect_to after_confirmation_path_for(resource_name, resource) }
|
|
else
|
|
respond_with_navigational(resource.errors, status: :unprocessable_entity) { render :new }
|
|
end
|
|
end
|
|
|
|
protected
|
|
|
|
def resource_params
|
|
params.require(resource_name).permit(allowed_params)
|
|
end
|
|
|
|
def allowed_params
|
|
[:password, :password_confirmation, :email]
|
|
end
|
|
|
|
private
|
|
|
|
def set_official_position
|
|
resource.add_official_position! (Setting["official_level_1_name"]), 1
|
|
end
|
|
end
|