diff options
| -rw-r--r-- | app/controllers/users_controller.rb | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb index 98fd534..f01691f 100644 --- a/app/controllers/users_controller.rb +++ b/app/controllers/users_controller.rb | |||
| @@ -55,7 +55,9 @@ class UsersController < ApplicationController | |||
| 55 | private | 55 | private |
| 56 | 56 | ||
| 57 | def user_params | 57 | def user_params |
| 58 | params.fetch(:user, {}).permit(:login, :email, :password, :password_confirmation, :admin) | 58 | allowed = [:login, :email, :password, :password_confirmation] |
| 59 | allowed << :admin if current_user.admin? | ||
| 60 | params.fetch(:user, {}).permit(allowed) | ||
| 59 | end | 61 | end |
| 60 | 62 | ||
| 61 | def find_user | 63 | def find_user |
