From d033678354467a41f3c9b40152f99facbc994e8e Mon Sep 17 00:00:00 2001
From: Ali Hadi Mazeh <ali.hadi.mazeh@blindsidenetworks.com>
Date: Mon, 25 Nov 2024 16:11:24 -0500
Subject: [PATCH] added method for permitted params for better readability

---
 app/controllers/api/v1/users_controller.rb | 18 +++++++++---------
 1 file changed, 9 insertions(+), 9 deletions(-)

diff --git a/app/controllers/api/v1/users_controller.rb b/app/controllers/api/v1/users_controller.rb
index b10d9e4125..09c860e4ed 100644
--- a/app/controllers/api/v1/users_controller.rb
+++ b/app/controllers/api/v1/users_controller.rb
@@ -169,15 +169,7 @@ def create_user_params
       end
 
       def update_user_params
-        is_admin = PermissionsChecker.new(current_user:, permission_names: 'ManageUsers', current_provider:).call
-
-        @update_user_params ||= if external_auth? && is_admin
-                                  params.require(:user).permit(:name)
-                                elsif external_auth?
-                                  params.require(:user).permit(:password, :avatar, :language, :role_id, :invite_token)
-                                else
-                                  params.require(:user).permit(:name, :password, :avatar, :language, :role_id, :invite_token)
-                                end
+        @update_user_params ||= params.require(:user).permit(permitted_params)
       end
 
       def change_password_params
@@ -202,6 +194,14 @@ def valid_domain?
         end
         false
       end
+
+      def permitted_params
+        is_admin = PermissionsChecker.new(current_user:, permission_names: 'ManageUsers', current_provider:).call
+
+        return %i[password avatar language role_id invite_token] if external_auth? && !is_admin
+
+        %i[name password avatar language role_id invite_token]
+      end
     end
   end
 end