Chatwoot/app/controllers/platform/api/v1/users_controller.rb
Sojan Jose 81d0405473
chore: Ability to update user email via Platform APIs (#4659)
When the platform update API is called with a new user email, Chatwoot still follows the same behaviour as the dashboard: the user has to confirm the new address through the activation link before the email is updated on the user record.

In the case of platform APIs, this might not be the ideal behaviour since the original app will already have a flow to update the user emails. Hence we need to confirm the emails without the extra step in this case

fixes: #4510
2022-05-10 00:28:46 +05:30


# Platform API endpoints for managing users on behalf of a platform app.
#
# Every action here acts with the authority of the calling platform app
# (@platform_app). The authentication of that app and the permissible check
# for most actions are done in PlatformController, which is not shown in this
# file, so the notes below only describe what this class itself does.
class Platform::Api::V1::UsersController < PlatformController
  # ref: https://stackoverflow.com/a/45190318/939299
  # PlatformController already runs set_resource for the other actions.
  # The block form is used to append :login to that chain; the same goes for
  # the permissible check, so login is only served for users linked to the
  # calling app.
  before_action(only: %i[login]) { set_resource }
  before_action(only: %i[login]) { validate_platform_app_permissible }

  # Creates a user, or reuses the one that already has the given email, and
  # links it to the calling platform app.
  #
  # Raises (via save! / find_or_create_by!) when the record is invalid.
  #
  # NOTE(review): when the email matches an existing user, that user is marked
  # confirmed and attached to the calling app without any further check in this
  # action. Because login issues SSO tokens for permissible users, confirm that
  # linking a pre-existing account this way is intended and that platform app
  # tokens are treated as instance-admin credentials.
  def create
    existing_user = User.find_by(email: user_params[:email])
    @resource = existing_user || User.new(user_params)
    @resource.skip_confirmation!
    @resource.save!
    @platform_app.platform_app_permissibles.find_or_create_by!(permissible: @resource)
  end

  # Returns a JSON body with a dashboard login URL carrying a freshly generated
  # SSO auth token for the user loaded by set_resource.
  #
  # The token travels in the query string, so the returned URL should be handled
  # as a credential: it can end up in proxy/server logs, browser history and
  # Referer headers. If FRONTEND_URL is unset the URL is emitted without a host.
  def login
    encoded_email = ERB::Util.url_encode(@resource.email)
    login_url = "#{ENV['FRONTEND_URL']}/app/login?email=#{encoded_email}&sso_auth_token=#{@resource.generate_sso_auth_token}"
    render json: { url: login_url }
  end

  # Nothing to do here; @resource is presumably loaded by the parent
  # controller's callbacks and rendered by the view.
  def show; end

  # Applies the permitted attributes to the user and saves.
  #
  # Devise's reconfirmable flow normally holds a new email until the user
  # confirms it. Platform apps manage email changes in their own product, so the
  # reconfirmation step is skipped whenever an email is supplied. The email (and
  # password) therefore change immediately, with no confirmation by the user;
  # the only gate is the platform-level authorization done before this action.
  def update
    @resource.assign_attributes(user_update_params)
    email_supplied = user_update_params[:email].present?
    @resource.skip_reconfirmation! if email_supplied
    @resource.save!
  end

  # Queues deletion of the user in the background and answers 200 right away;
  # the record may still exist when the response is sent.
  def destroy
    DeleteObjectJob.perform_later(@resource)
    head :ok
  end

  private

  # Existing custom attributes with the submitted ones merged on top.
  # Submitted keys win; keys that are not submitted are kept.
  def user_custom_attributes
    if user_params[:custom_attributes]
      @resource.custom_attributes.merge(user_params[:custom_attributes])
    else
      @resource.custom_attributes
    end
  end

  # Permitted params for update, with custom_attributes replaced by the merged
  # hash so an update does not drop attributes the caller left out.
  def user_update_params
    without_custom = user_params.except(:custom_attributes)
    without_custom.merge({ custom_attributes: user_custom_attributes })
  end

  # Loads the target user from the :id route param. User.find raises when no
  # such record exists.
  def set_resource
    @resource = User.find(params[:id])
  end

  # Strong-parameter allow-list: name, email, password, and any keys nested
  # under custom_attributes.
  def user_params
    params.permit(:name, :email, :password, custom_attributes: {})
  end
end