From 86e75a02bb0ecb00f326cb3493cb9e54b91bb17e Mon Sep 17 00:00:00 2001
From: Benjamin Neff <benjamin@coding4coffee.ch>
Date: Wed, 10 Aug 2016 00:11:49 +0200
Subject: [PATCH] fix privacy settings form submit

---
 app/controllers/users_controller.rb    | 19 ++++++++++++-------
 app/views/users/_privacy_settings.haml |  2 +-
 config/routes.rb                       | 11 ++++++-----
 3 files changed, 19 insertions(+), 13 deletions(-)

diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb
index 367f642fb..e2c43ab31 100644
--- a/app/controllers/users_controller.rb
+++ b/app/controllers/users_controller.rb
@@ -40,12 +40,6 @@ class UsersController < ApplicationController
         else
           flash[:notice] = I18n.t "users.update.settings_not_updated"
         end
-      elsif u[:strip_exif]
-        if @user.update_attributes(u)
-          flash[:notice] = I18n.t "users.update.settings_updated"
-        else
-          flash[:notice] = I18n.t "users.update.settings_not_updated"
-        end
       elsif u[:language]
         if @user.update_attributes(u)
           I18n.locale = @user.language
@@ -92,6 +86,18 @@ class UsersController < ApplicationController
     end
   end
 
+  def update_privacy_settings
+    privacy_params = params.fetch(:user).permit(:strip_exif)
+
+    if current_user.update_attributes(strip_exif: privacy_params[:strip_exif])
+      flash[:notice] = t("users.update.settings_updated")
+    else
+      flash[:error] = t("users.update.settings_not_updated")
+    end
+
+    redirect_to :back
+  end
+
   def destroy
     if params[:user] && params[:user][:current_password] && current_user.valid_password?(params[:user][:current_password])
       current_user.close_account!
@@ -194,7 +200,6 @@ class UsersController < ApplicationController
       :invitation_service,
       :invitation_identifier,
       :show_community_spotlight_in_stream,
-      :strip_exif,
       :auto_follow_back,
       :auto_follow_back_aspect_id,
       :remember_me,
diff --git a/app/views/users/_privacy_settings.haml b/app/views/users/_privacy_settings.haml
index 86038417b..9a881bc51 100644
--- a/app/views/users/_privacy_settings.haml
+++ b/app/views/users/_privacy_settings.haml
@@ -3,7 +3,7 @@
     %h3
       = t(".title")
 
-    = form_for current_user, url: user_path, html: {method: :put} do |f|
+    = form_for current_user, url: update_privacy_settings_path, html: {method: :put} do |f|
       = f.error_messages
 
       = f.fields_for :stream_preferences do
diff --git a/config/routes.rb b/config/routes.rb
index cea28508f..1c14ab70b 100644
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -107,11 +107,12 @@ Diaspora::Application.routes.draw do
   end
 
   controller :users do
-    get 'public/:username'          => :public,           :as => 'users_public'
-    get 'getting_started'           => :getting_started,  :as => 'getting_started'
-    get 'privacy'                   => :privacy_settings, :as => 'privacy_settings'
-    get 'getting_started_completed' => :getting_started_completed
-    get 'confirm_email/:token'      => :confirm_email,    :as => 'confirm_email'
+    get "public/:username"          => :public,                  :as => :users_public
+    get "getting_started"           => :getting_started,         :as => :getting_started
+    get "confirm_email/:token"      => :confirm_email,           :as => :confirm_email
+    get "privacy"                   => :privacy_settings,        :as => :privacy_settings
+    put "privacy"                   => :update_privacy_settings, :as => :update_privacy_settings
+    get "getting_started_completed" => :getting_started_completed
   end
 
   # This is a hack to overide a route created by devise.