Merge pull request #5437 from AntonKhorev/user-status-resource

Use resourceful route for user status
2025-01-17 17:55:02 +00:00 · 2025-01-17 17:55:02 +00:00 · 4370fe45ad
commit 4370fe45ad
parent d6238e87a1 8db2ff289f
7 changed files with 141 additions and 129 deletions
--- a/app/controllers/users/statuses_controller.rb
+++ b/app/controllers/users/statuses_controller.rb
@ -0,0 +1,36 @@
+module Users
+  class StatusesController < ApplicationController
+    layout "site"
+
+    before_action :authorize_web
+    before_action :set_locale
+    before_action :check_database_readable
+
+    authorize_resource :class => :user_status
+
+    before_action :lookup_user_by_name
+
+    ##
+    # sets a user's status
+    def update
+      @user.activate! if params[:event] == "activate"
+      @user.confirm! if params[:event] == "confirm"
+      @user.unconfirm! if params[:event] == "unconfirm"
+      @user.hide! if params[:event] == "hide"
+      @user.unhide! if params[:event] == "unhide"
+      @user.unsuspend! if params[:event] == "unsuspend"
+      @user.soft_destroy! if params[:event] == "soft_destroy" # destroy a user, marking them as deleted and removing personal data
+      redirect_to user_path(params[:user_display_name])
+    end
+
+    private
+
+    ##
+    # ensure that there is a "user" instance variable
+    def lookup_user_by_name
+      @user = User.find_by!(:display_name => params[:user_display_name])
+    rescue ActiveRecord::RecordNotFound
+      redirect_to user_path(params[:user_display_name]) unless @user
+    end
+  end
+end
--- a/app/controllers/users_controller.rb
+++ b/app/controllers/users_controller.rb
@ -14,7 +14,6 @@ class UsersController < ApplicationController

  before_action :check_database_writable, :only => [:new, :go_public]
  before_action :require_cookies, :only => [:new]
-  before_action :lookup_user_by_name, :only => [:set_status, :destroy]

  allow_thirdparty_images :only => :show
  allow_social_login :only => :new
@ -98,13 +97,6 @@ class UsersController < ApplicationController
    end
  end

-  ##
-  # destroy a user, marking them as deleted and removing personal data
-  def destroy
-    @user.soft_destroy!
-    redirect_to user_path(:display_name => params[:display_name])
-  end
-
  def go_public
    current_user.data_public = true
    current_user.save
@ -112,18 +104,6 @@ class UsersController < ApplicationController
    redirect_to edit_account_path
  end

-  ##
-  # sets a user's status
-  def set_status
-    @user.activate! if params[:event] == "activate"
-    @user.confirm! if params[:event] == "confirm"
-    @user.unconfirm! if params[:event] == "unconfirm"
-    @user.hide! if params[:event] == "hide"
-    @user.unhide! if params[:event] == "unhide"
-    @user.unsuspend! if params[:event] == "unsuspend"
-    redirect_to user_path(:display_name => params[:display_name])
-  end
-
  ##
  # omniauth success callback
  def auth_success
@ -237,14 +217,6 @@ class UsersController < ApplicationController
    end
  end

-  ##
-  # ensure that there is a "user" instance variable
-  def lookup_user_by_name
-    @user = User.find_by(:display_name => params[:display_name])
-  rescue ActiveRecord::RecordNotFound
-    redirect_to :action => "view", :display_name => params[:display_name] unless @user
-  end
-
  ##
  # return permitted user parameters
  def user_params