summaryrefslogtreecommitdiff
path: root/users/app/controllers/users_controller.rb
diff options
context:
space:
mode:
Diffstat (limited to 'users/app/controllers/users_controller.rb')
-rw-r--r--users/app/controllers/users_controller.rb64
1 files changed, 16 insertions, 48 deletions
diff --git a/users/app/controllers/users_controller.rb b/users/app/controllers/users_controller.rb
index 38a69e3..4ce970b 100644
--- a/users/app/controllers/users_controller.rb
+++ b/users/app/controllers/users_controller.rb
@@ -1,74 +1,42 @@
-class UsersController < ApplicationController
+#
+# This is an HTML-only controller. For the JSON-only controller, see v1/users_controller.rb
+#
- before_filter :authorize, :only => [:show, :edit, :destroy, :update]
+class UsersController < UsersBaseController
+
+ before_filter :authorize, :only => [:show, :edit, :update, :destroy]
before_filter :fetch_user, :only => [:show, :edit, :update, :destroy]
- before_filter :authorize_self, :only => [:update]
- before_filter :set_anchor, :only => [:edit, :update]
before_filter :authorize_admin, :only => [:index]
- respond_to :json, :html
+ respond_to :html
def index
if params[:query]
- @users = User.by_login.startkey(params[:query]).endkey(params[:query].succ)
+ if @user = User.find_by_login(params[:query])
+ redirect_to user_overview_url(@user)
+ return
+ else
+ @users = User.by_login.startkey(params[:query]).endkey(params[:query].succ)
+ end
else
@users = User.by_created_at.descending
end
- @users = @users.limit(10)
- respond_with @users.map(&:login).sort
+ @users = @users.limit(100)
end
def new
@user = User.new
end
- def create
- @user = User.create(params[:user])
- respond_with @user
+ def show
end
def edit
- @email_alias = LocalEmail.new
- end
-
- def update
- @user.attributes = params[:user]
- if @user.changed? and @user.save
- flash[:notice] = t(:user_updated_successfully)
- elsif @user.email_aliases.last and !@user.email_aliases.last.valid?
- @email_alias = @user.email_aliases.pop
- end
- respond_with @user, :location => edit_user_path(@user, :anchor => @anchor)
end
def destroy
@user.destroy
- redirect_to admin? ? users_path : root_path
+ redirect_to admin? ? users_url : root_url
end
- protected
-
- def fetch_user
- # authorize filter has been checked first, so won't get here unless authenticated
- @user = User.find_by_param(params[:id])
- if !@user and admin?
- redirect_to users_path, :alert => t(:no_such_thing, :thing => 'user')
- return
- end
- access_denied unless admin? or (@user == current_user)
- end
-
- def authorize_self
- # have already checked that authorized
- access_denied unless (@user == current_user)
- end
-
- def set_anchor
- @anchor = email_settings? ? :email : :account
- end
-
- def email_settings?
- params[:user] &&
- params[:user].keys.detect{|key| key.index('email')}
- end
end