Diffstat (limited to 'users/app/controllers/users_controller.rb')
| -rw-r--r-- | users/app/controllers/users_controller.rb | 68 | 
1 files changed, 28 insertions, 40 deletions
diff --git a/users/app/controllers/users_controller.rb b/users/app/controllers/users_controller.rb
index dff1ed5..09622b3 100644
--- a/users/app/controllers/users_controller.rb
+++ b/users/app/controllers/users_controller.rb
@@ -1,12 +1,15 @@
-class UsersController < ApplicationController
+#
+# This is an HTML-only controller. For the JSON-only controller, see v1/users_controller.rb
+#
-  before_filter :authorize, :only => [:show, :edit, :destroy, :update]
+class UsersController < UsersBaseController
+
+  before_filter :authorize, :only => [:show, :edit, :update, :destroy]
   before_filter :fetch_user, :only => [:show, :edit, :update, :destroy]
-  before_filter :authorize_self, :only => [:update]
-  before_filter :set_anchor, :only => [:edit, :update]
+  #before_filter :authorize_self, :only => [:update]
   before_filter :authorize_admin, :only => [:index]
-  respond_to :json, :html
+  respond_to :json
   def index
     if params[:query]
@@ -14,8 +17,8 @@ class UsersController < ApplicationController
     else
       @users = User.by_created_at.descending
     end
-    @users = @users.limit(10)
-    respond_with @users.map(&:login).sort
+    @users = @users.limit(APP_CONFIG[:pagination_size])
+    #respond_with @users.map(&:login).sort
   end
   def new
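Review bot: The new header comment calls this the HTML-only controller, but the same hunk narrows the class-level declaration from `respond_to :json, :html` to `respond_to :json`, which says the opposite. Actions that still go through `respond_with` (one appears as context in the last hunk) may answer HTML requests with 406 if the framework honours the class-level list, so this likely wants to be `respond_to :html`. Separately, `#before_filter :authorize_self, :only => [:update]` is left as a comment while `:update` stays in the `authorize` and `fetch_user` lists; either delete the line or say in a comment that self-only enforcement for update now lives in the API controller, so the action is not re-enabled without it. The class body continues outside this hunk.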
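Review bot: The page size now comes from `APP_CONFIG[:pagination_size]` with no fallback, so a deployment whose config lacks that key passes nil to `limit`; depending on how the query layer treats a nil limit (not visible here), the admin index could return every user record in one response. A default keeps the previous bound: `@users = @users.limit(APP_CONFIG[:pagination_size] || 10)`. The commented-out `#respond_with @users.map(&:login).sort` should be deleted rather than kept, since `index` now falls through to implicit rendering. `index` begins in the previous hunk and its query branch is outside this one.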
@@ -27,48 +30,33 @@ class UsersController < ApplicationController
     respond_with @user
   end
-  def edit
-    @email_alias = LocalEmail.new
+  def show
   end
-  def update
-    @user.attributes = params[:user]
-    if @user.changed? and @user.save
-      flash[:notice] = t(:user_updated_successfully)
-    elsif @user.email_aliases.last and !@user.email_aliases.last.valid?
-      @email_alias = @user.email_aliases.pop
-    end
-    respond_with @user, :location => edit_user_path(@user, :anchor => @anchor)
+  def edit
   end
+  #
+  # The API user update is used instead. Maybe someday we will have something for which this makes sense.
+  #
+  #def update
+  #  @user.update_attributes(params[:user])
+  #  respond_with @user
+  #end
+
   def destroy
     @user.destroy
-    redirect_to admin? ? users_path : login_path
-  end
-
-  protected
-
-  def fetch_user
-    # authorize filter has been checked first, so won't get here unless authenticated
-    @user = User.find_by_param(params[:id])
-    if !@user and admin?
-      redirect_to users_path, :alert => t(:no_such_thing, :thing => 'user')
-      return
+    respond_to do |format|
+      format.html { redirect_to(admin? ? users_path : root_path) }
+      format.json { head :no_content }
     end
-    access_denied unless admin? or (@user == current_user)
   end
-  def authorize_self
-    # have already checked that authorized
-    access_denied unless (@user == current_user)
-  end
+  protected
-  def set_anchor
-    @anchor = email_settings? ? :email : :account
-  end
+  #def authorize_self
+  #  # have already checked that authorized
+  #  access_denied unless (@user == current_user)
+  #end
-  def email_settings?
-    params[:user] &&
-    params[:user].keys.detect{|key| key.index('email')}
-  end
 end  |
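Review bot: The only object-level access check for show, edit and destroy, `access_denied unless admin? or (@user == current_user)`, is deleted here together with `fetch_user`, while `before_filter :fetch_user` is still declared at the top of the class. The replacement presumably lives in `UsersBaseController`, which this diff does not show; if that version only loads `@user`, any authenticated user could view or destroy another account by id. It is worth confirming that the base class keeps the admin-or-self check, and adding a controller test in which a non-admin requests another user's `show`, `edit` and `destroy` and is denied. A one-line comment above `protected`, such as `# fetch_user (loads @user, enforces admin-or-self) is inherited from UsersBaseController`, would make the dependency explicit.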
