diff options
| author | James Lopez <james@jameslopez.es> | 2017-06-23 12:34:07 +0300 |
|---|---|---|
| committer | James Lopez <james@jameslopez.es> | 2017-06-23 12:41:43 +0300 |
| commit | b804db26485ea09dc93269898dc969ed692130a2 (patch) | |
| tree | 48ac76727eed23a2815b14e8c5633bbb056f6972 /app/services | |
| parent | e2e0b175ae43bef44ba5fdc45b4a719aaae83422 (diff) | |
refactor update user service not to do auth checks
Diffstat (limited to 'app/services')
| -rw-r--r-- | app/services/emails/destroy_service.rb | 4 | ||||
| -rw-r--r-- | app/services/users/update_service.rb | 17 |
2 files changed, 7 insertions, 14 deletions
diff --git a/app/services/emails/destroy_service.rb b/app/services/emails/destroy_service.rb index 94e4167d88b..2032f0dc3a9 100644 --- a/app/services/emails/destroy_service.rb +++ b/app/services/emails/destroy_service.rb @@ -1,13 +1,13 @@ module Emails class DestroyService < ::Emails::BaseService def execute - Email.find_by_email(@email).destroy && update_secondary_emails! + Email.find_by_email!(@email).destroy && update_secondary_emails! end private def update_secondary_emails! - result = ::Users::UpdateService.new(@current_user, @current_user).execute do |user| + result = ::Users::UpdateService.new(@current_user).execute do |user| user.update_secondary_emails! end diff --git a/app/services/users/update_service.rb b/app/services/users/update_service.rb index 36dcc69f8cf..2037664f56a 100644 --- a/app/services/users/update_service.rb +++ b/app/services/users/update_service.rb @@ -1,14 +1,13 @@ module Users # Service for updating a user. class UpdateService < BaseService - def initialize(current_user, user, params = {}) - @current_user = current_user + def initialize(user, params = {}) @user = user @params = params.dup end - def execute(skip_authorization: false, validate: true, &block) - assign_attributes(skip_authorization, &block) + def execute(validate: true, &block) + assign_attributes(&block) if @user.save(validate: validate) success @@ -20,23 +19,17 @@ module Users def execute!(*args, &block) result = execute(*args, &block) - raise ActiveRecord::RecordInvalid(result[:message]) unless result[:status] == :success + raise ActiveRecord::RecordInvalid.new(@user) unless result[:status] == :success true end private - def assign_attributes(skip_authorization, &block) - raise Gitlab::Access::AccessDeniedError unless skip_authorization || can_update_user? - + def assign_attributes(&block) yield(@user) if block_given? @user.assign_attributes(params) if params.any? end - - def can_update_user? - current_user == @user || current_user&.admin? - end end end |