summaryrefslogtreecommitdiff
path: root/app/controllers/users_controller.rb
diff options
context:
space:
mode:
authorhukl <contact@smyck.org>2009-11-03 20:16:40 +0100
committerhukl <contact@smyck.org>2009-11-03 20:16:40 +0100
commit0c186fe46bbd5fa0b09ea9025c0d6ed256d8d11d (patch)
tree963a74ebada9e1479656a03d644683a2f6929991 /app/controllers/users_controller.rb
parent3b35b3a0bba7991a243eb794303b838ae90bb69c (diff)
Prevent regular users from promoting themselves to admins
Diffstat (limited to 'app/controllers/users_controller.rb')
-rw-r--r--app/controllers/users_controller.rb1
1 files changed, 1 insertions, 0 deletions
diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb
index eb1cd4c..87df678 100644
--- a/app/controllers/users_controller.rb
+++ b/app/controllers/users_controller.rb
@@ -33,6 +33,7 @@ class UsersController < ApplicationController
33 end 33 end
34 34
35 def update 35 def update
36 params[:user].delete(:admin) unless current_user.is_admin?
36 if @user.update_attributes(params[:user]) 37 if @user.update_attributes(params[:user])
37 flash[:notice] = "Updated user #{@user.login}" 38 flash[:notice] = "Updated user #{@user.login}"
38 redirect_to user_path(@user) 39 redirect_to user_path(@user)