From 11a20c5be971d97f4a4f575f91b706791c1893a9 Mon Sep 17 00:00:00 2001
From: Camil Staps
Date: Sun, 26 Apr 2015 23:29:17 +0200
Subject: Competitions; CompetitionTypes; Participants; better routing;
 administrators; ...

---
 src/controllers/UserController.php | 9 +++------
 1 file changed, 3 insertions(+), 6 deletions(-)

(limited to 'src/controllers/UserController.php')

diff --git a/src/controllers/UserController.php b/src/controllers/UserController.php
index 02400e9..03bebbc 100644
--- a/src/controllers/UserController.php
+++ b/src/controllers/UserController.php
@@ -4,7 +4,6 @@ namespace CamilStaps\BotleaguesApi;
 use Illuminate\Support\Facades\Auth;
 use Illuminate\Support\Facades\Hash;
 use Illuminate\Support\Facades\Input;
-use Illuminate\Support\Facades\Redirect;
 
 class UserController extends BaseController {
 
@@ -12,6 +11,8 @@ class UserController extends BaseController {
 
 	public function __construct(User $user) {
 		$this->user = $user;
+
+		$this->beforeFilter('current_user', array('only' => ['update', 'destroy']));
 	}
 
 	public function index() {
@@ -23,10 +24,6 @@ class UserController extends BaseController {
 	}
 
 	public function update($id) {
-		if ($id != Auth::user()->id) {
-			throw new \Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException();
-		}
-
 		$s = $this->user->find($id);
 
 		if (!empty(Input::get('password')))
@@ -41,7 +38,7 @@ class UserController extends BaseController {
 
 	public function store() {
 		$this->user->email = Input::get('email');
-		$this->user->password = Hash::make(Input::get('password'));
+		$this->user->password = empty(Input::get('password')) ? null : Hash::make(Input::get('password'));
 
 		if ($this->user->save()) {
 			return $this->response->created();
-- 
cgit v1.2.3