Merge branch 'master' into feature/authentication_generic_error

Conflicts:
	app/views/layouts/_messages.html.haml
	app/views/layouts/application.html.haml
	users/app/assets/javascripts/users.js.coffee

1 files changed, 16 insertions, 4 deletions

diff --git a/users/app/controllers/v1/users_controller.rb b/users/app/controllers/v1/users_controller.rb
index 617bd4b..fda56f2 100644
--- a/users/app/controllers/v1/users_controller.rb
+++ b/users/app/controllers/v1/users_controller.rb
@@ -1,20 +1,32 @@
 module V1
-  class UsersController < ApplicationController
+  class UsersController < UsersBaseController
 
     skip_before_filter :verify_authenticity_token
+    before_filter :fetch_user, :only => [:update]
     before_filter :authorize, :only => [:update]
+    before_filter :authorize_admin, :only => [:index]
 
     respond_to :json
 
+    def index
+      if params[:query]
+        @users = User.by_login.startkey(params[:query]).endkey(params[:query].succ)
+        respond_with @users.map(&:login).sort
+      else
+        render :json => {'error' => 'query required', 'status' => :unprocessable_entity}
+      end
+    end
+
     def create
       @user = User.create(params[:user])
       respond_with @user # return ID instead?
     end
 
     def update
-      # For now, only allow public key to be updated via the API. Eventually we might want to store in a config what attributes can be updated via the API.
-      @user = User.find_by_param(params[:id])
-      @user.update_attributes params[:user].slice(:public_key) if params[:user].respond_to?(:slice)
+      @user.update_attributes params[:user]
+      if @user.valid?
+        flash[:notice] = t(:user_updated_successfully)
+      end
       respond_with @user
     end