193 get rid of passing user-id

src/clj/commiteth/routes/services.clj

@@ -226,18 +226,13 @@
                     (POST "/" []
                           :auth-rules authenticated?
                           :current-user user
-                          :body [body {:user-id s/Int
+                          :body [body {(s/optional-key :address) s/Str
-                                       (s/optional-key :address) s/Str
                                        (s/optional-key :is_hidden) s/Bool}]
                           :summary "Updates user's fields."
 
-                          (let [{:keys [user-id]} body
+                          (let [user-id (:id user)
                                 fields (select-keys body [:address :is_hidden])]
 
-                            (when-not (= (:id user) user-id)
-                              (log/debugf "User %s tries to update user's %s fields" (:id user) user-id)
-                              (forbidden! (format "Cannot access a user %s" user-id)))
-
                             (when (empty? fields)
                               (bad-request! "No incoming fields were found."))
 

src/cljs/commiteth/handlers.cljs

@@ -325,7 +325,7 @@
 
 (reg-event-fx
  :save-user-fields
- (fn [{:keys [db]} [_ user-id fields]]
+ (fn [{:keys [db]} [_ fields]]
    {:dispatch [:set-updating-user]
     :http {:method     POST
            :url        "/api/user"
@@ -338,7 +338,7 @@
                                  :error
                                  (:response %)])
            :finally #(dispatch [:clear-updating-user])
-           :params (merge {:user-id user-id} fields)}}))
+           :params fields}}))
 
 
 (reg-event-db

src/cljs/commiteth/update_address.cljs

@@ -7,7 +7,6 @@
 
 (defn update-address-page []
   (let [db (rf/subscribe [:db])
-        user (rf/subscribe [:user])
         updating-user (rf/subscribe [:get-in [:updating-user]])
         address (r/atom @(rf/subscribe [:get-in [:user :address]]))
         hidden (rf/subscribe [:get-in [:user :is_hidden]])]
@@ -35,7 +34,7 @@
                               :max-length 42}]])]
           [:button
            (merge {:on-click
-                   #(rf/dispatch [:save-user-fields (:id @user) {:address @address}])
+                   #(rf/dispatch [:save-user-fields {:address @address}])
                    :class (str "ui button small update-address-button"
                                (when @updating-user
                                  " busy loading"))})
@@ -52,6 +51,6 @@
              :on-change
              (fn [e]
                (let [value (-> e .-target .-checked)]
-                 (rf/dispatch [:save-user-fields (:id @user) {:is_hidden value}])))}]
+                 (rf/dispatch [:save-user-fields {:is_hidden value}])))}]
 
            [:label {:for :input-hidden} "Disguise myself from the top hunters and activity lists."]]]]))))