2021-01-14 15:05:22 +00:00
|
|
|
class Platform::Api::V1::UsersController < PlatformController
|
|
|
|
# ref: https://stackoverflow.com/a/45190318/939299
|
|
|
|
# set resource is called for other actions already in platform controller
|
|
|
|
# we want to add login to that chain as well
|
|
|
|
before_action(only: [:login]) { set_resource }
|
|
|
|
before_action(only: [:login]) { validate_platform_app_permissible }
|
|
|
|
|
|
|
|
def create
|
|
|
|
@resource = (User.find_by(email: user_params[:email]) || User.new(user_params))
|
2022-03-24 19:06:59 +00:00
|
|
|
@resource.skip_confirmation!
|
2021-01-14 15:05:22 +00:00
|
|
|
@resource.save!
|
2022-03-23 10:39:10 +00:00
|
|
|
@platform_app.platform_app_permissibles.find_or_create_by!(permissible: @resource)
|
2021-01-14 15:05:22 +00:00
|
|
|
end
|
|
|
|
|
|
|
|
def login
|
2022-02-07 23:17:36 +00:00
|
|
|
encoded_email = ERB::Util.url_encode(@resource.email)
|
2022-07-15 02:51:59 +00:00
|
|
|
render json: { url: "#{ENV.fetch('FRONTEND_URL', nil)}/app/login?email=#{encoded_email}&sso_auth_token=#{@resource.generate_sso_auth_token}" }
|
2021-01-14 15:05:22 +00:00
|
|
|
end
|
|
|
|
|
2021-03-15 13:45:48 +00:00
|
|
|
def show; end
|
2021-01-14 15:05:22 +00:00
|
|
|
|
|
|
|
def update
|
2021-09-02 12:59:45 +00:00
|
|
|
@resource.assign_attributes(user_update_params)
|
2022-05-09 18:58:46 +00:00
|
|
|
|
|
|
|
# We are using devise's reconfirmable flow for changing emails
|
|
|
|
# But in case of platform APIs we don't want user to go through this extra step
|
|
|
|
@resource.skip_reconfirmation! if user_update_params[:email].present?
|
2021-09-02 12:59:45 +00:00
|
|
|
@resource.save!
|
2021-01-14 15:05:22 +00:00
|
|
|
end
|
|
|
|
|
|
|
|
def destroy
|
2021-09-02 12:59:45 +00:00
|
|
|
DeleteObjectJob.perform_later(@resource)
|
2021-01-14 15:05:22 +00:00
|
|
|
head :ok
|
|
|
|
end
|
|
|
|
|
|
|
|
private
|
|
|
|
|
2021-09-02 12:59:45 +00:00
|
|
|
def user_custom_attributes
|
|
|
|
return @resource.custom_attributes.merge(user_params[:custom_attributes]) if user_params[:custom_attributes]
|
|
|
|
|
|
|
|
@resource.custom_attributes
|
|
|
|
end
|
|
|
|
|
|
|
|
def user_update_params
|
|
|
|
# we want the merged custom attributes not the original one
|
|
|
|
user_params.except(:custom_attributes).merge({ custom_attributes: user_custom_attributes })
|
|
|
|
end
|
|
|
|
|
2021-01-14 15:05:22 +00:00
|
|
|
def set_resource
|
|
|
|
@resource = User.find(params[:id])
|
|
|
|
end
|
|
|
|
|
|
|
|
def user_params
|
2022-09-30 18:28:18 +00:00
|
|
|
params.permit(:name, :display_name, :email, :password, custom_attributes: {})
|
2021-01-14 15:05:22 +00:00
|
|
|
end
|
|
|
|
end
|