在没有current_password的情况下设计自定义视图的编辑

时间:2014-01-03 21:00:09

标签: ruby-on-rails devise ruby-on-rails-4

我正在尝试将配置文件编辑功能放到自定义'/ info'页面上,而不需要current_password。它仅在您输入current_password时有效。如果没有当前密码,则不会发生错误,但会重定向到控制器中指定的不成功更新路径。

我有一个registrations_controller,它会覆盖设计一个:

class RegistrationsController < Devise::RegistrationsController
def info
    @user = current_user
    if @user 
        render :info
    else
        render file: 'public/404', status: 404, formats: [:html]
     end 
end

def update
@user = User.find(current_user.id)

successfully_updated = if needs_password?(@user, params)
  @user.update_with_password(devise_parameter_sanitizer.for(:account_update))

else

  params[:user].delete(:current_password)
  @user.update_without_password(devise_parameter_sanitizer.for(:account_update))

end

if successfully_updated
  set_flash_message :notice, :updated

  sign_in @user, :bypass => true
  redirect_to user_path(current_user)
 else
  redirect_to user_path(current_user)
 end
end

def needs_password?(user, params)
 user.email != params[:user][:email] ||
  params[:user][:password].present?
end


protected

def after_sign_up_path_for(resource)
 '/info'
end

def needs_password?(user, params)
  user.email != params[:user][:email] ||
    params[:user][:password].present?
 end  
end

application_controller:

before_filter :configure_permitted_parameters, if: :devise_controller?

protected

def configure_permitted_parameters
devise_parameter_sanitizer.for(:sign_up) { |u| u.permit(:name, :email, :password, :password_confirmation, :image) }
devise_parameter_sanitizer.for(:account_update) { |u| u.permit(:name, :email, :current_password, :password, :password_confirmation, :image) }
end

routes.rb中:

devise_for :users, :controllers => { :registrations => "registrations" }
devise_scope :user do
get "/info" => "registrations#info"
end

info.html.erb:

<%= simple_form_for(resource, :as => resource_name, :url => registration_path(resource_name), :html => { :method => :put}) do |f| %>
<%= f.error_notification %>

<%= f.input :image %>
<%= f.submit "Update", class: "button5"%>

<% end %>

1 个答案:

答案 0 :(得分:1)

如果您不希望它需要密码,您可以删除if needs_password? / else代码并始终只使用update_without_password - 或者您可以定义needs_password?总是返回假。

注意:您的needs_password?方法在示例代码中定义了两次。

相关问题
最新问题