diff options
author | jessib <jessib@riseup.net> | 2013-12-17 12:02:07 -0800 |
---|---|---|
committer | jessib <jessib@riseup.net> | 2013-12-17 12:02:07 -0800 |
commit | 98a247acb4d1be484c2982d48ec038eed3de3d55 (patch) | |
tree | f176092fa43145b9d8ce00a180fab70cf62da456 /users/app/controllers | |
parent | 634db9875cc8f6f6b9a4a83dfc6b8d53728eb2b5 (diff) | |
parent | 83cd3d95b78b6df9ac33a8ee169e570f4d3e2eeb (diff) |
Merge branch 'develop' into feature/billing-no-authenticated-payments
Conflicts:
billing/config/locales/en.yml
Diffstat (limited to 'users/app/controllers')
-rw-r--r-- | users/app/controllers/keys_controller.rb | 18 | ||||
-rw-r--r-- | users/app/controllers/overviews_controller.rb | 9 | ||||
-rw-r--r-- | users/app/controllers/sessions_controller.rb | 5 | ||||
-rw-r--r-- | users/app/controllers/users_controller.rb | 20 | ||||
-rw-r--r-- | users/app/controllers/v1/users_controller.rb | 8 |
5 files changed, 39 insertions, 21 deletions
diff --git a/users/app/controllers/keys_controller.rb b/users/app/controllers/keys_controller.rb new file mode 100644 index 0000000..fb28901 --- /dev/null +++ b/users/app/controllers/keys_controller.rb @@ -0,0 +1,18 @@ +class KeysController < ApplicationController + + # + # Render the user's key as plain text, without a layout. + # + # We will show blank page if user doesn't have key (which shouldn't generally occur) + # and a 404 error if user doesn't exist + # + def show + user = User.find_by_login(params[:login]) + if user + render text: user.public_key, content_type: 'text/text' + else + raise ActionController::RoutingError.new('Not Found') + end + end + +end diff --git a/users/app/controllers/overviews_controller.rb b/users/app/controllers/overviews_controller.rb deleted file mode 100644 index 52ce267..0000000 --- a/users/app/controllers/overviews_controller.rb +++ /dev/null @@ -1,9 +0,0 @@ -class OverviewsController < UsersBaseController - - before_filter :authorize - before_filter :fetch_user - - def show - end - -end diff --git a/users/app/controllers/sessions_controller.rb b/users/app/controllers/sessions_controller.rb index 0494b51..ca228c2 100644 --- a/users/app/controllers/sessions_controller.rb +++ b/users/app/controllers/sessions_controller.rb @@ -1,6 +1,7 @@ class SessionsController < ApplicationController def new + redirect_to root_path if logged_in? @session = Session.new if authentication_errors @errors = authentication_errors @@ -14,12 +15,12 @@ class SessionsController < ApplicationController end # - # this is a bad hack, but user_overview_url(user) is not available + # this is a bad hack, but user_url(user) is not available # also, this doesn't work because the redirect happens as a PUT. no idea why. # #Warden::Manager.after_authentication do |user, auth, opts| # response = Rack::Response.new - # response.redirect "/users/#{user.id}/overview" + # response.redirect "/users/#{user.id}" # throw :warden, response.finish #end diff --git a/users/app/controllers/users_controller.rb b/users/app/controllers/users_controller.rb index f66277d..0b32ec7 100644 --- a/users/app/controllers/users_controller.rb +++ b/users/app/controllers/users_controller.rb @@ -13,7 +13,7 @@ class UsersController < UsersBaseController def index if params[:query] if @user = User.find_by_login(params[:query]) - redirect_to user_overview_url(@user) + redirect_to @user return else @users = User.by_login.startkey(params[:query]).endkey(params[:query].succ) @@ -34,6 +34,12 @@ class UsersController < UsersBaseController def edit end + ## added so updating service level works, but not sure we will actually want this. also not sure that this is place to prevent user from updating own effective service level, but here as placeholder: + def update + @user.update_attributes(params[:user]) unless (!admin? and params[:user][:effective_service_level]) + respond_with @user + end + def deactivate @user.enabled = false @user.save @@ -47,8 +53,16 @@ class UsersController < UsersBaseController end def destroy - @user.destroy - redirect_to admin? ? users_url : root_url + @user.account.destroy + flash[:notice] = I18n.t(:account_destroyed) + # admins can destroy other users + if @user != current_user + redirect_to users_url + else + # let's remove the invalid session + logout + redirect_to root_url + end end end diff --git a/users/app/controllers/v1/users_controller.rb b/users/app/controllers/v1/users_controller.rb index 03a5a62..0903888 100644 --- a/users/app/controllers/v1/users_controller.rb +++ b/users/app/controllers/v1/users_controller.rb @@ -24,15 +24,9 @@ module V1 end def update - account.update params[:user] + @user.account.update params[:user] respond_with @user end - protected - - def account - @user.account - end - end end |