/backend/app/controllers/spree/admin/users_controller.rb
Ruby | 109 lines | 89 code | 19 blank | 1 comment | 12 complexity | aaf41f25e6cf23611c82619007d8264f MD5 | raw file
Possible License(s): BSD-3-Clause
- module Spree
- module Admin
- class UsersController < ResourceController
- rescue_from Spree::Core::DestroyWithOrdersError, with: :user_destroy_with_orders_error
- after_action :sign_in_if_change_own_password, only: :update
- def show
- redirect_to edit_admin_user_path(@user)
- end
- def create
- @user = Spree.user_class.new(user_params)
- if @user.save
- flash.now[:success] = flash_message_for(@user, :successfully_created)
- render :edit
- else
- render :new
- end
- end
- def update
- if params[:user][:password].blank? && params[:user][:password_confirmation].blank?
- params[:user].delete(:password)
- params[:user].delete(:password_confirmation)
- end
- if @user.update_attributes(user_params)
- flash.now[:success] = Spree.t(:account_updated)
- end
- render :edit
- end
- def addresses
- if request.put?
- if @user.update_attributes(user_params)
- flash.now[:success] = Spree.t(:account_updated)
- end
- render :addresses
- end
- end
- def orders
- params[:q] ||= {}
- @search = Spree::Order.reverse_chronological.ransack(params[:q].merge(user_id_eq: @user.id))
- @orders = @search.result.page(params[:page])
- end
- def items
- params[:q] ||= {}
- @search = Spree::Order.includes(
- line_items: {
- variant: [:product, { option_values: :option_type }]
- }).ransack(params[:q].merge(user_id_eq: @user.id))
- @orders = @search.result.page(params[:page])
- end
- def generate_api_key
- if @user.generate_spree_api_key!
- flash[:success] = Spree.t('api.key_generated')
- end
- redirect_to edit_admin_user_path(@user)
- end
- def clear_api_key
- if @user.clear_spree_api_key!
- flash[:success] = Spree.t('api.key_cleared')
- end
- redirect_to edit_admin_user_path(@user)
- end
- def model_class
- Spree.user_class
- end
- protected
- def collection
- return @collection if @collection.present?
- @collection = super
- @search = @collection.ransack(params[:q])
- @collection = @search.result.page(params[:page]).per(Spree::Config[:admin_users_per_page])
- end
- private
- def user_params
- params.require(:user).permit(permitted_user_attributes |
- [spree_role_ids: [],
- ship_address_attributes: permitted_address_attributes,
- bill_address_attributes: permitted_address_attributes])
- end
- # handling raise from Spree::Admin::ResourceController#destroy
- def user_destroy_with_orders_error
- invoke_callbacks(:destroy, :fails)
- render status: :forbidden, plain: Spree.t(:error_user_destroy_with_orders)
- end
- def sign_in_if_change_own_password
- if try_spree_current_user == @user && @user.password.present?
- sign_in(@user, event: :authentication, bypass: true)
- end
- end
- end
- end
- end