3 files changed, 22 insertions, 3 deletions

diff --git a/app/controllers/api/user_accounts_controller.rb b/app/controllers/api/user_accounts_controller.rb
index 600e168..1bbdcf5 100644
--- a/app/controllers/api/user_accounts_controller.rb
+++ b/app/controllers/api/user_accounts_controller.rb
@@ -6,7 +6,7 @@ module Api
     skip_before_action :validate_jwt, only: [:create]
 
     def show
-      render json: Serializers::UserAccountSerializer.new(current_user_account).serializable_hash
+      render json: serialized_object.serializable_hash
     end
 
     def create
@@ -17,8 +17,20 @@ module Api
       render json: @user_account.errors.full_messages, status: :unprocessable_entity
     end
 
+    def update
+      if current_user_account.update(permitted_params)
+        render json: serialized_object.serializable_hash, status: :ok
+      else
+        render json: current_user_account.errors.full_messages, status: :unprocessable_entity
+      end
+    end
+
     private
 
+    def serialized_object
+      Serializers::UserAccountSerializer.new(current_user_account)
+    end
+
     def service_params
       { email: @user_account.email,
         role: @user_account.role }
diff --git a/app/controllers/authenticated_controller.rb b/app/controllers/authenticated_controller.rb
index 56159ab..cb4f34d 100644
--- a/app/controllers/authenticated_controller.rb
+++ b/app/controllers/authenticated_controller.rb
@@ -15,7 +15,7 @@ class AuthenticatedController < ApplicationController
 
   def current_user_role
     return if decoded_token.nil?
-    
+
     decoded_token[0]['aud']
   end
 
diff --git a/app/models/user_account.rb b/app/models/user_account.rb
index e50961b..cd99441 100644
--- a/app/models/user_account.rb
+++ b/app/models/user_account.rb
@@ -9,7 +9,8 @@
 class UserAccount < ApplicationRecord
   has_secure_password validations: false
   validates :email, presence: true
-  validates :password, presence: true
+  validates :email, uniqueness: true
+  validates :password, presence: true, if: :no_password?
   validates_format_of :email,
                       with: /\A(|(([A-Za-z0-9]+_+)|([A-Za-z0-9]+\-+)|([A-Za-z0-9]+\.+)|([A-Za-z0-9]+\++))*[A-Za-z0-9]+@((\w+\-+)|(\w+\.))*\w{1,63}\.[a-zA-Z]{2,6})\z/i
   validates :first_name, presence: true
@@ -19,4 +20,10 @@ class UserAccount < ApplicationRecord
   def full_name
     "#{first_name} #{last_name}"
   end
+
+  private
+
+  def no_password?
+    password_digest.nil?
+  end
 end