authorhukl <contact@smyck.org>2009-10-07 21:20:18 +0200
committerhukl <contact@smyck.org>2009-10-07 21:20:18 +0200
commitcbed060fa16ce62821f637ff5d8fde7aa421d31e (patch)
tree47c376a50ec5ada60c96f4e1c2694a8b2a5855d9 /app/controllers/users_controller.rb
parent9dadc61cae2c4c01a97880e89ca86a0e760fc8d1 (diff)
enabling users to edit their own details - tested as well - yay
Diffstat (limited to 'app/controllers/users_controller.rb')
-rw-r--r--app/controllers/users_controller.rb37
1 files changed, 21 insertions, 16 deletions
diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb
index b15f83b..ead989d 100644
--- a/app/controllers/users_controller.rb
+++ b/app/controllers/users_controller.rb
@@ -1,12 +1,13 @@
1class UsersController < ApplicationController 1class UsersController < ApplicationController
2 2
3 # Private 3 # Private
4 4
5 before_filter :login_required 5 before_filter :login_required
6 before_filter :verify_admin_status, :except => [:index, :show] 6 before_filter :find_user, :only => [:show, :edit, :update, :destroy]
7 7 before_filter :verify_status, :except => [:index, :show]
8
8 layout 'admin' 9 layout 'admin'
9 10
10 def index 11 def index
11 @users = User.all(:order => "login ASC") 12 @users = User.all(:order => "login ASC")
12 end 13 end
@@ -17,7 +18,7 @@ class UsersController < ApplicationController
17 18
18 def create 19 def create
19 @user = User.new params[:user] 20 @user = User.new params[:user]
20 21
21 if @user.save 22 if @user.save
22 redirect_to user_path(@user) 23 redirect_to user_path(@user)
23 else 24 else
@@ -26,12 +27,9 @@ class UsersController < ApplicationController
26 end 27 end
27 28
28 def edit 29 def edit
29 @user = User.find(params[:id])
30 end 30 end
31 31
32 def update 32 def update
33 @user = User.find(params[:id])
34
35 if @user.update_attributes(params[:user]) 33 if @user.update_attributes(params[:user])
36 redirect_to user_path(@user) 34 redirect_to user_path(@user)
37 else 35 else
@@ -40,20 +38,27 @@ class UsersController < ApplicationController
40 end 38 end
41 39
42 def show 40 def show
43 @user = User.find(params[:id])
44 end 41 end
45 42
46 def destroy 43 def destroy
47 user = User.find(params[:id]) 44 @user.destroy if @user
48 user.destroy if user
49 redirect_to users_path 45 redirect_to users_path
50 end 46 end
51 47
52 private 48 private
53 def verify_admin_status 49 def find_user
54 unless current_user.admin 50 @user = User.find(params[:id])
55 flash[:notice] = "Sorry, you need to be an admin for this action" 51 end
56 redirect_to users_path 52
53 def verify_status
54 @user ||= User.new
55 unless @user.id == current_user.id || current_user.admin
56 deny_user_access
57 end 57 end
58 end 58 end
59
60 def deny_user_access
61 flash[:notice] = "Sorry, you need to be an admin for this action"
62 redirect_to users_path
63 end
59end 64end
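Review bot: `verify_status` now lets a non-admin through when `@user.id == current_user.id`, so the unchanged `@user.update_attributes(params[:user])` in `update` receives an unfiltered attribute hash from ordinary users. Unless the User model (not shown on this page) protects it, the account owner can change any mass-assignable column, including the `admin` flag this filter checks. Either declare `attr_protected :admin` in the model or drop the key in the controller with `params[:user].delete(:admin) unless current_user.admin` before the update; the body of `update` continues outside the hunk. The same filter also opens `destroy` to the account owner, which the commit message does not mention, so keep `destroy` admin-only if only edit/update were intended. `verify_status` keeps `new`/`create` admin-only through the nil id of `@user ||= User.new`, which deserves a comment such as `# no record loaded (new/create): nil id never matches, so only admins pass`.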