diff --git a/app/controllers/users/registrations_controller.rb b/app/controllers/users/registrations_controller.rb index 4061792..c28410a 100644 --- a/app/controllers/users/registrations_controller.rb +++ b/app/controllers/users/registrations_controller.rb @@ -34,21 +34,27 @@ def edit def update @user = current_user @user.tags = JSON.parse(@user.tags) if @user.tags.is_a?(String) - - if params[:user][:password].present? || params[:user][:password_confirmation].present? + + # Check if password or email is being updated + is_password_change = params[:user][:password].present? || params[:user][:password_confirmation].present? + is_email_change = params[:user][:email].present? && params[:user][:email] != @user.email + + if is_password_change || is_email_change + # Require current password for sensitive changes successfully_updated = @user.update_with_password(account_update_params) else + # Do not require current password for non-sensitive changes params[:user].delete(:current_password) - successfully_updated = @user.update_without_password(account_update_params.except(:current_password)) + successfully_updated = @user.update_without_password(account_update_params) end - + if successfully_updated bypass_sign_in(@user) # Sign in the user bypassing validation redirect_to edit_user_registration_path, notice: 'Profile updated successfully' else render :edit end - end + end protected @@ -64,12 +70,8 @@ def sign_up_params end def account_update_params - params.require(:user).permit(:email, :password, :password_confirmation, :current_password, - :username, :full_name, :avatar, :banner, :description, :tags, - :public_analytics).tap do |user_params| - if user_params[:tags].present? - user_params[:tags] = user_params[:tags].split(',').map(&:strip).to_json - end + params.require(:user).permit(:email, :password, :password_confirmation, :current_password, :username, :full_name, :tags, :avatar, :banner, :description, :public_analytics).tap do |user_params| + user_params[:tags] = user_params[:tags].split(',').map(&:strip).to_json if user_params[:tags].present? end end end \ No newline at end of file diff --git a/config/routes.rb b/config/routes.rb index 99d0edf..e04ae32 100644 --- a/config/routes.rb +++ b/config/routes.rb @@ -1,16 +1,10 @@ Rails.application.routes.draw do get 'analytics/index' - if Rails.env.production? - devise_for :users, skip: [:registrations] - as :user do - get 'users/edit' => 'devise/registrations#edit', as: 'edit_user_registration' - put 'users' => 'devise/registrations#update', as: 'user_registration' - end - else - devise_for :users, controllers: { - registrations: 'users/registrations' - } - end + + # Use the custom registrations controller in all environments + devise_for :users, controllers: { + registrations: 'users/registrations' + } resources :links do member do @@ -29,4 +23,4 @@ resources :links, only: [:index, :show, :new, :create, :edit, :update, :destroy] resources :achievements, only: [:index, :show, :new, :create, :edit, :update, :destroy] get '/:username', to: 'links#user_links', as: 'user_links' -end +end \ No newline at end of file