diff options
Diffstat (limited to 'app')
| -rw-r--r-- | app/controllers/users_controller.rb | 1 | ||||
| -rw-r--r-- | app/models/user.rb | 6 |
2 files changed, 6 insertions, 1 deletions
diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb index eb1cd4c..87df678 100644 --- a/app/controllers/users_controller.rb +++ b/app/controllers/users_controller.rb | |||
| @@ -33,6 +33,7 @@ class UsersController < ApplicationController | |||
| 33 | end | 33 | end |
| 34 | 34 | ||
| 35 | def update | 35 | def update |
| 36 | params[:user].delete(:admin) unless current_user.is_admin? | ||
| 36 | if @user.update_attributes(params[:user]) | 37 | if @user.update_attributes(params[:user]) |
| 37 | flash[:notice] = "Updated user #{@user.login}" | 38 | flash[:notice] = "Updated user #{@user.login}" |
| 38 | redirect_to user_path(@user) | 39 | redirect_to user_path(@user) |
diff --git a/app/models/user.rb b/app/models/user.rb index 035a145..ce5503f 100644 --- a/app/models/user.rb +++ b/app/models/user.rb | |||
| @@ -79,7 +79,11 @@ class User < ActiveRecord::Base | |||
| 79 | return false | 79 | return false |
| 80 | end | 80 | end |
| 81 | 81 | ||
| 82 | private | 82 | def is_admin? |
| 83 | !!admin | ||
| 84 | end | ||
| 85 | |||
| 86 | private | ||
| 83 | 87 | ||
| 84 | def set_permission(granted, node) | 88 | def set_permission(granted, node) |
| 85 | permission = self.permissions.for_node(node).first | 89 | permission = self.permissions.for_node(node).first |
