salmanasiddiqui/invitations_controller Secret

## invitations_controller
class InvitationsController < Devise::InvitationsController
  include DeviseTokenAuth::Concerns::SetUserByToken

  skip_after_filter :update_auth_header, only: [:edit]
  skip_before_filter :has_invitations_left?, only: :create
  skip_before_filter :require_no_authentication, only: [:edit, :update]

  # POST /resource/invitation
  def create
    self.resource = invite_resource
    resource_invited = resource.errors.empty?

    yield resource if block_given?

    if resource_invited
      self.resource.users_roles.create(role_name: :client_admin)
      result = { success: true }
      if self.resource.invitation_sent_at
        result.merge!(message: find_message(:send_instructions, email: self.resource.email))
      end
      render json: result
    else
      render json: {
        success: false,
        errors: resource.errors
      }, status: 400
    end
  end

  # GET /resource/invitation/accept?invitation_token=abcdef
  def edit
    uri = URI(params[:redirect_url])
    opts = {
        invitation_token: params[:invitation_token],
        config:           params[:config]
    }
    res = "#{uri.scheme}://#{uri.host}"
    res += ":#{uri.port}" if (uri.port and uri.port != 80 and uri.port != 443)
    res += "#{uri.path}" if uri.path
    res += '#'
    res += "#{uri.fragment}" if uri.fragment
    res += "?#{opts.to_query}"

    redirect_to(res)
  end

  # PUT /resource/invitation
  def update
    self.resource = accept_resource
    invitation_accepted = resource.errors.empty?

    yield resource if block_given?

    if invitation_accepted
      message_key = resource.active_for_authentication? ? :updated : :updated_not_active
      render json: {
        success: true,
        data: {
          user: resource,
          message: find_message(message_key)
        }
      }
    else
      clean_up_passwords resource
      render json: {
        success: false,
        errors: resource.errors
      }, status: 400
    end
  end

  # GET /resource/invitation/remove?invitation_token=abcdef
  def destroy
    resource.destroy
    render json: {
      success: true,
      message: find_message(:invitation_removed)
    }
  end

  def resource_class(m=nil)
    if m
      mapping = Devise.mappings[m]
    else
      mapping = Devise.mappings[resource_name] || Devise.mappings.values.first
    end

    mapping.to
  end

  protected

  def resource_from_invitation_token
    unless params[:invitation_token] &&
        self.resource = resource_class.find_by_invitation_token(params[:invitation_token], true)
      raise ActionController::RoutingError.new('Not Found')
    end
  end

  def invite_params
    params.require(:user).permit([:email, :client_id]).merge({ provider: 'email'})
  end

  def update_resource_params
    params.require(:user).permit([:first_name, :last_name, :designation, :invitation_token, :password, :password_confirmation])
  end
end
	class InvitationsController < Devise::InvitationsController
	include DeviseTokenAuth::Concerns::SetUserByToken

	skip_after_filter :update_auth_header, only: [:edit]
	skip_before_filter :has_invitations_left?, only: :create
	skip_before_filter :require_no_authentication, only: [:edit, :update]

	# POST /resource/invitation
	def create
	self.resource = invite_resource
	resource_invited = resource.errors.empty?

	yield resource if block_given?

	if resource_invited
	self.resource.users_roles.create(role_name: :client_admin)
	result = { success: true }
	if self.resource.invitation_sent_at
	result.merge!(message: find_message(:send_instructions, email: self.resource.email))
	end
	render json: result
	else
	render json: {
	success: false,
	errors: resource.errors
	}, status: 400
	end
	end

	# GET /resource/invitation/accept?invitation_token=abcdef
	def edit
	uri = URI(params[:redirect_url])
	opts = {
	invitation_token: params[:invitation_token],
	config: params[:config]
	}
	res = "#{uri.scheme}://#{uri.host}"
	res += ":#{uri.port}" if (uri.port and uri.port != 80 and uri.port != 443)
	res += "#{uri.path}" if uri.path
	res += '#'
	res += "#{uri.fragment}" if uri.fragment
	res += "?#{opts.to_query}"

	redirect_to(res)
	end

	# PUT /resource/invitation
	def update
	self.resource = accept_resource
	invitation_accepted = resource.errors.empty?

	yield resource if block_given?

	if invitation_accepted
	message_key = resource.active_for_authentication? ? :updated : :updated_not_active
	render json: {
	success: true,
	data: {
	user: resource,
	message: find_message(message_key)
	}
	}
	else
	clean_up_passwords resource
	render json: {
	success: false,
	errors: resource.errors
	}, status: 400
	end
	end

	# GET /resource/invitation/remove?invitation_token=abcdef
	def destroy
	resource.destroy
	render json: {
	success: true,
	message: find_message(:invitation_removed)
	}
	end

	def resource_class(m=nil)
	if m
	mapping = Devise.mappings[m]
	else
	mapping = Devise.mappings[resource_name] \|\| Devise.mappings.values.first
	end

	mapping.to
	end

	protected

	def resource_from_invitation_token
	unless params[:invitation_token] &&
	self.resource = resource_class.find_by_invitation_token(params[:invitation_token], true)
	raise ActionController::RoutingError.new('Not Found')
	end
	end

	def invite_params
	params.require(:user).permit([:email, :client_id]).merge({ provider: 'email'})
	end

	def update_resource_params
	params.require(:user).permit([:first_name, :last_name, :designation, :invitation_token, :password, :password_confirmation])
	end
	end