summaryrefslogtreecommitdiff
path: root/app/controllers
diff options
context:
space:
mode:
Diffstat (limited to 'app/controllers')
-rw-r--r--app/controllers/v1/configs_controller.rb2
-rw-r--r--app/controllers/v1/users_controller.rb12
2 files changed, 11 insertions, 3 deletions
diff --git a/app/controllers/v1/configs_controller.rb b/app/controllers/v1/configs_controller.rb
index 9c01605..0af21d2 100644
--- a/app/controllers/v1/configs_controller.rb
+++ b/app/controllers/v1/configs_controller.rb
@@ -32,7 +32,7 @@ class V1::ConfigsController < ApiController
def sanitize_filename
@filename = params[:id].downcase
@filename += '.json' unless @filename.ends_with?('.json')
- access_denied unless SERVICES.values.include? name
+ access_denied unless SERVICES.values.include? @filename
@filename = Rails.root.join('public', '1', 'config', @filename)
end
end
diff --git a/app/controllers/v1/users_controller.rb b/app/controllers/v1/users_controller.rb
index bfa04fc..d57db6f 100644
--- a/app/controllers/v1/users_controller.rb
+++ b/app/controllers/v1/users_controller.rb
@@ -2,9 +2,9 @@ module V1
class UsersController < ApiController
include ControllerExtension::FetchUser
- before_filter :fetch_user, :only => [:update]
+ before_filter :fetch_user, :only => [:update, :destroy]
before_filter :require_admin, :only => [:index]
- before_filter :require_login, :only => [:index, :update]
+ before_filter :require_login, :only => [:index, :update, :destroy]
before_filter :require_registration_allowed, only: :create
respond_to :json
@@ -29,6 +29,14 @@ module V1
respond_with @user
end
+ def destroy
+ @user.account.destroy
+ if @user == current_user
+ logout
+ end
+ render :json => {'success' => 'user deleted'}
+ end
+
protected
def require_registration_allowed