diff options
Diffstat (limited to 'users/app/controllers/users_controller.rb')
-rw-r--r-- | users/app/controllers/users_controller.rb | 20 |
1 files changed, 17 insertions, 3 deletions
diff --git a/users/app/controllers/users_controller.rb b/users/app/controllers/users_controller.rb index f66277d..0b32ec7 100644 --- a/users/app/controllers/users_controller.rb +++ b/users/app/controllers/users_controller.rb @@ -13,7 +13,7 @@ class UsersController < UsersBaseController def index if params[:query] if @user = User.find_by_login(params[:query]) - redirect_to user_overview_url(@user) + redirect_to @user return else @users = User.by_login.startkey(params[:query]).endkey(params[:query].succ) @@ -34,6 +34,12 @@ class UsersController < UsersBaseController def edit end + ## added so updating service level works, but not sure we will actually want this. also not sure that this is place to prevent user from updating own effective service level, but here as placeholder: + def update + @user.update_attributes(params[:user]) unless (!admin? and params[:user][:effective_service_level]) + respond_with @user + end + def deactivate @user.enabled = false @user.save @@ -47,8 +53,16 @@ class UsersController < UsersBaseController end def destroy - @user.destroy - redirect_to admin? ? users_url : root_url + @user.account.destroy + flash[:notice] = I18n.t(:account_destroyed) + # admins can destroy other users + if @user != current_user + redirect_to users_url + else + # let's remove the invalid session + logout + redirect_to root_url + end end end |