discourse/app/controllers/steps_controller.rb
Sam f2e7b74d88 FIX: don't return 200s when login is required to paths
When running `ensure_login_required` it should always happen prior to
`check_xhr` cause check xhr will trigger a 200 response
2018-02-01 12:26:45 +11:00

30 lines
796 B
Ruby

require_dependency 'wizard'
require_dependency 'wizard/builder'
require_dependency 'wizard/step_updater'
class StepsController < ApplicationController
before_action :ensure_wizard_enabled
prepend_before_action :check_xhr, :ensure_logged_in
before_action :ensure_admin
def update
wizard = Wizard::Builder.new(current_user).build
updater = wizard.create_updater(params[:id], params[:fields])
updater.update
if updater.success?
result = { success: 'OK' }
result[:refresh_required] = true if updater.refresh_required?
render json: result
else
errors = []
updater.errors.messages.each do |field, msg|
errors << { field: field, description: msg.join }
end
render json: { errors: errors }, status: 422
end
end
end