users_controller.rb
1.78 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
class UsersController < ApplicationController
respond_to :html
before_filter :require_admin!, :except => [:edit, :update]
before_filter :find_user, :only => [:show, :edit, :update, :destroy, :unlink_github]
before_filter :require_user_edit_priviledges, :only => [:edit, :update]
def index
@users = User.all.page(params[:page]).per(current_user.per_page)
end
def new
@user = User.new
end
def create
@user = User.new(params[:user])
# Set protected attributes
@user.admin = params[:user].try(:[], :admin) if current_user.admin?
if @user.save
flash[:success] = "#{@user.name} is now part of the team. Be sure to add them as a project watcher."
redirect_to user_path(@user)
else
render :new
end
end
def update
# Devise Hack
if params[:user][:password].blank? && params[:user][:password_confirmation].blank?
params[:user].delete(:password)
params[:user].delete(:password_confirmation)
end
# Set protected attributes
@user.admin = params[:user][:admin] if current_user.admin?
if @user.update_attributes(params[:user])
flash[:success] = "#{@user.name}'s information was successfully updated"
redirect_to user_path(@user)
else
render :edit
end
end
def destroy
@user.destroy
flash[:success] = "That's sad. #{@user.name} is no longer part of your team."
redirect_to users_path
end
def unlink_github
@user.update_attributes :github_login => nil, :github_oauth_token => nil
redirect_to user_path(@user)
end
protected
def find_user
@user = User.find(params[:id])
end
def require_user_edit_priviledges
can_edit = current_user == @user || current_user.admin?
redirect_to(root_path) and return(false) unless can_edit
end
end