Handle invalid params when trying update_username

Using strong params to require the presence of a username when calling `update_username`. Otherwise we'd raise a `NoMethodError` validating the paths on disk.
author: Bob Van Landuyt <bob@vanlanduyt.co> 2018-04-04 09:59:35 +0200
committer: Bob Van Landuyt <bob@vanlanduyt.co> 2018-04-04 09:59:35 +0200
commit: 3faa7653d0efc76c42d5b5cb6dcb93b3a69718a9 (patch)
tree: 99b928e92851a83c9631bcf9d0cf9e2ce43b52fc /app
parent: be1523c1ba9fa439a2525a1b18179a419ecb6b2d (diff)
download: gitlab-ce-3faa7653d0efc76c42d5b5cb6dcb93b3a69718a9.tar.gz
1 files changed, 5 insertions, 1 deletions
diff --git a/app/controllers/profiles_controller.rb b/app/controllers/profiles_controller.rb
index dbf61a17724..3d27ae18b17 100644
--- a/app/controllers/profiles_controller.rb
+++ b/app/controllers/profiles_controller.rb
@@ -51,7 +51,7 @@ class ProfilesController < Profiles::ApplicationController
   end
 
   def update_username
-    result = Users::UpdateService.new(current_user, user: @user, username: user_params[:username]).execute
+    result = Users::UpdateService.new(current_user, user: @user, username: username_param).execute
 
     options = if result[:status] == :success
                 { notice: "Username successfully changed" }
@@ -72,6 +72,10 @@ class ProfilesController < Profiles::ApplicationController
     return render_404 unless @user.can_change_username?
   end
 
+  def username_param
+    @username_param ||= user_params.require(:username)
+  end
+
   def user_params
     @user_params ||= params.require(:user).permit(
       :avatar,
author	Bob Van Landuyt <bob@vanlanduyt.co>	2018-04-04 09:59:35 +0200
committer	Bob Van Landuyt <bob@vanlanduyt.co>	2018-04-04 09:59:35 +0200
commit	3faa7653d0efc76c42d5b5cb6dcb93b3a69718a9 (patch)
tree	99b928e92851a83c9631bcf9d0cf9e2ce43b52fc /app
parent	be1523c1ba9fa439a2525a1b18179a419ecb6b2d (diff)
download	gitlab-ce-3faa7653d0efc76c42d5b5cb6dcb93b3a69718a9.tar.gz