diff options
author | Azul <azul@leap.se> | 2014-04-08 11:49:14 +0200 |
---|---|---|
committer | Azul <azul@leap.se> | 2014-04-08 11:49:14 +0200 |
commit | b6d14dc19dd350a807826e3e097738a36613e083 (patch) | |
tree | 093dc5f2f1e773e3ad009d28d1fd24667d3c0ba6 /app/controllers/users_controller.rb | |
parent | 2e11e3ca2c7b02fdb5ff54f0bcd766cc5fa39975 (diff) |
moving users: app and test files
Diffstat (limited to 'app/controllers/users_controller.rb')
-rw-r--r-- | app/controllers/users_controller.rb | 69 |
1 files changed, 69 insertions, 0 deletions
diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb new file mode 100644 index 0000000..c8e09b6 --- /dev/null +++ b/app/controllers/users_controller.rb @@ -0,0 +1,69 @@ +# +# This is an HTML-only controller. For the JSON-only controller, see v1/users_controller.rb +# + +class UsersController < UsersBaseController + + before_filter :require_login, :except => [:new] + before_filter :redirect_if_logged_in, :only => [:new] + before_filter :require_admin, :only => [:index, :deactivate, :enable] + before_filter :fetch_user, :only => [:show, :edit, :update, :destroy, :deactivate, :enable] + + respond_to :html + + def index + if params[:query] + if @user = User.find_by_login(params[:query]) + redirect_to @user + return + else + @users = User.by_login.startkey(params[:query]).endkey(params[:query].succ) + end + else + @users = User.by_created_at.descending + end + @users = @users.limit(100) + end + + def new + @user = User.new + end + + def show + end + + def edit + end + + ## added so updating service level works, but not sure we will actually want this. also not sure that this is place to prevent user from updating own effective service level, but here as placeholder: + def update + @user.update_attributes(params[:user]) unless (!admin? and params[:user][:effective_service_level]) + respond_with @user + end + + def deactivate + @user.enabled = false + @user.save + respond_with @user + end + + def enable + @user.enabled = true + @user.save + respond_with @user + end + + def destroy + @user.account.destroy + flash[:notice] = I18n.t(:account_destroyed) + # admins can destroy other users + if @user != current_user + redirect_to users_url + else + # let's remove the invalid session + logout + redirect_to bye_url + end + end + +end |