diff --git a/src/clj/commiteth/routes/services.clj b/src/clj/commiteth/routes/services.clj index fecf724..26f6dc4 100644 --- a/src/clj/commiteth/routes/services.clj +++ b/src/clj/commiteth/routes/services.clj @@ -226,18 +226,13 @@ (POST "/" [] :auth-rules authenticated? :current-user user - :body [body {:user-id s/Int - (s/optional-key :address) s/Str + :body [body {(s/optional-key :address) s/Str (s/optional-key :is_hidden) s/Bool}] :summary "Updates user's fields." - (let [{:keys [user-id]} body + (let [user-id (:id user) fields (select-keys body [:address :is_hidden])] - (when-not (= (:id user) user-id) - (log/debugf "User %s tries to update user's %s fields" (:id user) user-id) - (forbidden! (format "Cannot access a user %s" user-id))) - (when (empty? fields) (bad-request! "No incoming fields were found.")) diff --git a/src/cljs/commiteth/handlers.cljs b/src/cljs/commiteth/handlers.cljs index 549d22b..c9c1c74 100644 --- a/src/cljs/commiteth/handlers.cljs +++ b/src/cljs/commiteth/handlers.cljs @@ -325,7 +325,7 @@ (reg-event-fx :save-user-fields - (fn [{:keys [db]} [_ user-id fields]] + (fn [{:keys [db]} [_ fields]] {:dispatch [:set-updating-user] :http {:method POST :url "/api/user" @@ -338,7 +338,7 @@ :error (:response %)]) :finally #(dispatch [:clear-updating-user]) - :params (merge {:user-id user-id} fields)}})) + :params fields}})) (reg-event-db diff --git a/src/cljs/commiteth/update_address.cljs b/src/cljs/commiteth/update_address.cljs index 77bea91..c1ba88d 100644 --- a/src/cljs/commiteth/update_address.cljs +++ b/src/cljs/commiteth/update_address.cljs @@ -7,7 +7,6 @@ (defn update-address-page [] (let [db (rf/subscribe [:db]) - user (rf/subscribe [:user]) updating-user (rf/subscribe [:get-in [:updating-user]]) address (r/atom @(rf/subscribe [:get-in [:user :address]])) hidden (rf/subscribe [:get-in [:user :is_hidden]])] @@ -35,7 +34,7 @@ :max-length 42}]])] [:button (merge {:on-click - #(rf/dispatch [:save-user-fields (:id @user) {:address @address}]) + #(rf/dispatch [:save-user-fields {:address @address}]) :class (str "ui button small update-address-button" (when @updating-user " busy loading"))}) @@ -52,6 +51,6 @@ :on-change (fn [e] (let [value (-> e .-target .-checked)] - (rf/dispatch [:save-user-fields (:id @user) {:is_hidden value}])))}] + (rf/dispatch [:save-user-fields {:is_hidden value}])))}] [:label {:for :input-hidden} "Disguise myself from the top hunters and activity lists."]]]]))))