diff options
Diffstat (limited to 'app/controllers')
-rw-r--r-- | app/controllers/users_controller.rb | 3 | ||||
-rw-r--r-- | app/controllers/v1/certs_controller.rb | 7 | ||||
-rw-r--r-- | app/controllers/v1/smtp_certs_controller.rb | 5 |
3 files changed, 13 insertions, 2 deletions
diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb index 446b726..ec52cff 100644 --- a/app/controllers/users_controller.rb +++ b/app/controllers/users_controller.rb @@ -47,8 +47,7 @@ class UsersController < ApplicationController end def deactivate - @user.enabled = false - @user.save + @user.account.disable flash[:notice] = I18n.t("actions.user_disabled_message", username: @user.username) redirect_to :back end diff --git a/app/controllers/v1/certs_controller.rb b/app/controllers/v1/certs_controller.rb index 99aec16..ffa6e35 100644 --- a/app/controllers/v1/certs_controller.rb +++ b/app/controllers/v1/certs_controller.rb @@ -1,6 +1,7 @@ class V1::CertsController < ApiController before_filter :require_login, :unless => :anonymous_access_allowed? + before_filter :require_enabled # GET /cert # deprecated - we actually create a new cert and that can @@ -18,6 +19,12 @@ class V1::CertsController < ApiController protected + def require_enabled + if !current_user.is_anonymous? && !current_user.enabled? + access_denied + end + end + def service_level current_user.effective_service_level end diff --git a/app/controllers/v1/smtp_certs_controller.rb b/app/controllers/v1/smtp_certs_controller.rb index 75f524c..5760645 100644 --- a/app/controllers/v1/smtp_certs_controller.rb +++ b/app/controllers/v1/smtp_certs_controller.rb @@ -3,6 +3,7 @@ class V1::SmtpCertsController < ApiController before_filter :require_login before_filter :require_email_account before_filter :fetch_identity + before_filter :require_enabled # POST /1/smtp_cert def create @@ -22,6 +23,10 @@ class V1::SmtpCertsController < ApiController access_denied unless service_level.provides? 'email' end + def require_enabled + access_denied unless current_user.enabled? + end + def fetch_identity @identity = current_user.identity end |