summaryrefslogtreecommitdiff
path: root/app/controllers/users_controller.rb
diff options
context:
space:
mode:
authorazul <azul@riseup.net>2014-04-17 10:12:05 +0200
committerazul <azul@riseup.net>2014-04-17 10:12:05 +0200
commit3513ad74f950b113af1ba1e3d06bc6a55c48fde5 (patch)
treedb49ebd4428053d5c8d720275b77594a531a1ad1 /app/controllers/users_controller.rb
parentcb6442c344d6bdaf52c3878b2de2fcf4d85f2648 (diff)
parent3d3688647fab7049e5b531c45b85c1e46a1d528f (diff)
Merge pull request #146 from azul/refactor/engines
Refactor/engines
Diffstat (limited to 'app/controllers/users_controller.rb')
-rw-r--r--app/controllers/users_controller.rb69
1 files changed, 69 insertions, 0 deletions
diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb
new file mode 100644
index 0000000..c8e09b6
--- /dev/null
+++ b/app/controllers/users_controller.rb
@@ -0,0 +1,69 @@
+#
+# This is an HTML-only controller. For the JSON-only controller, see v1/users_controller.rb
+#
+
+class UsersController < UsersBaseController
+
+ before_filter :require_login, :except => [:new]
+ before_filter :redirect_if_logged_in, :only => [:new]
+ before_filter :require_admin, :only => [:index, :deactivate, :enable]
+ before_filter :fetch_user, :only => [:show, :edit, :update, :destroy, :deactivate, :enable]
+
+ respond_to :html
+
+ def index
+ if params[:query]
+ if @user = User.find_by_login(params[:query])
+ redirect_to @user
+ return
+ else
+ @users = User.by_login.startkey(params[:query]).endkey(params[:query].succ)
+ end
+ else
+ @users = User.by_created_at.descending
+ end
+ @users = @users.limit(100)
+ end
+
+ def new
+ @user = User.new
+ end
+
+ def show
+ end
+
+ def edit
+ end
+
+ ## added so updating service level works, but not sure we will actually want this. also not sure that this is place to prevent user from updating own effective service level, but here as placeholder:
+ def update
+ @user.update_attributes(params[:user]) unless (!admin? and params[:user][:effective_service_level])
+ respond_with @user
+ end
+
+ def deactivate
+ @user.enabled = false
+ @user.save
+ respond_with @user
+ end
+
+ def enable
+ @user.enabled = true
+ @user.save
+ respond_with @user
+ end
+
+ def destroy
+ @user.account.destroy
+ flash[:notice] = I18n.t(:account_destroyed)
+ # admins can destroy other users
+ if @user != current_user
+ redirect_to users_url
+ else
+ # let's remove the invalid session
+ logout
+ redirect_to bye_url
+ end
+ end
+
+end