require_dependency "oxen/application_controller" module Oxen class AccountsController < ApplicationController before_action :need_login before_action :need_root, except: [:changepsd] before_action :set_account, only: [:show, :edit, :update, :destroy] before_action :pageit, only: [:index, :search] before_action :is_root?, only: [:destory] def changepsd @user = Account.where(login: session[:login]).first render :changepsd and return if request.method == "GET" if params[:password] == params[:password_confirmation] and !params[:password].blank? @user.password = params[:password] if @user.save flash[:notice] = "更新成功" redirect_to main_app.root_path and return else flash[:alert] = "更新失败" redirect_to main_app.root_path and return end else flash[:alert] = "信息不一致" redirect_to changepsd_path and return end end # GET /accounts def index @accounts = Account.page params[:page] end # GET /accounts/1 def show end # GET /accounts/new def new @account = Account.new end # GET /accounts/1/edit def edit end # POST /accounts def create @account = Account.new(account_params) if @account.save redirect_to @account, notice: '帐号创建成功.' else render :new end end # PATCH/PUT /accounts/1 def update if @account.update(account_params) redirect_to @account, notice: '帐号更新成功' else render :edit end end # DELETE /accounts/1 def destroy @account.destroy redirect_to accounts_url, notice: '帐号已经删除.' end private # Use callbacks to share common setup or constraints between actions. def set_account @account = Account.find(params[:id]) end # Only allow a trusted parameter "white list" through. def account_params params.require(:account).permit(:login, :password, :tags_list, :avatar).tap do |account| account[:avatar] = attachit("account",:avatar,width: 64) end end end end