Diffstat (limited to 'users/app/controllers')
-rw-r--r--users/app/controllers/controller_extension/authentication.rb4
-rw-r--r--users/app/controllers/email_aliases_controller.rb39
-rw-r--r--users/app/controllers/users_controller.rb5
3 files changed, 46 insertions, 2 deletions
diff --git a/users/app/controllers/controller_extension/authentication.rb b/users/app/controllers/controller_extension/authentication.rb
index 6ac7a5b..f2184d9 100644
--- a/users/app/controllers/controller_extension/authentication.rb
+++ b/users/app/controllers/controller_extension/authentication.rb
@@ -24,7 +24,9 @@ module ControllerExtension::Authentication
end
def access_denied
- redirect_to login_url, :alert => "Not authorized"
+ # TODO: should we redirect to the root_url in either case, and have the root_url include the login screen (and also ability to create unauthenticated tickets) when no user is logged in?
+ redirect_to login_url, :alert => "Not authorized" if !logged_in?
+ redirect_to root_url, :alert => "Not authorized" if logged_in?
end
def admin?
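Review bot: In `access_denied` the two modifier conditionals evaluate `logged_in?` twice and depend on the reader noticing that they are mutually exclusive. A single call states the branch once: `redirect_to(logged_in? ? root_url : login_url, :alert => "Not authorized")`. A comment is also worth adding that the redirect only stops request processing when the method runs from a before filter; a caller that invokes it inside an action body has to return afterwards. The enclosing module starts outside this hunk.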
diff --git a/users/app/controllers/email_aliases_controller.rb b/users/app/controllers/email_aliases_controller.rb
new file mode 100644
index 0000000..751df85
--- /dev/null
+++ b/users/app/controllers/email_aliases_controller.rb
@@ -0,0 +1,39 @@
+class EmailAliasesController < ApplicationController
+
+ before_filter :fetch_user
+
+ respond_to :html
+
+ # get a list of email aliases for the given user?
+ def index
+ @aliases = @user.email_aliases
+ respond_with @aliases
+ end
+
+ def create
+ @alias = @user.add_email_alias(params[:email_alias])
+ flash[:notice] = t(:email_alias_created_successfully) unless @alias.errors
+ respond_with @alias, :location => edit_user_path(@user, :anchor => :email)
+ end
+
+ def update
+ @alias = @user.get_email_alias(params[:id])
+ @alias.set_email(params[:email_alias])
+ flash[:notice] = t(:email_alias_updated_successfully) unless @alias.errors
+ respond_with @alias, :location => edit_user_path(@user, :anchor => :email)
+ end
+
+ def destroy
+ @alias = @user.get_email_alias(params[:id])
+ flash[:notice] = t(:email_alias_destroyed_successfully)
+ @alias.destroy
+ redirect_to edit_user_path(@user, :anchor => :email)
+ end
+
+ protected
+
+ def fetch_user
+ @user = User.find_by_param(params[:user_id])
+ access_denied unless admin? or (@user == current_user)
+ end
+end
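Review bot: `fetch_user` authorizes on `@user == current_user`, which is also true when both sides are nil. If `User.find_by_param` returns nil for an unknown `user_id` and `current_user` is nil for an anonymous request (neither is visible here), the filter passes and the action fails later on `@user` instead of being denied. Making the preconditions explicit avoids that: `access_denied unless logged_in? and @user and (admin? or @user == current_user)`. Separately, `unless @alias.errors` in `create` and `update` probably never sets the notice, since an errors collection is normally truthy even when empty; `if @alias.errors.empty?` looks like the intent.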
diff --git a/users/app/controllers/users_controller.rb b/users/app/controllers/users_controller.rb
index 4921a4a..811e8e5 100644
--- a/users/app/controllers/users_controller.rb
+++ b/users/app/controllers/users_controller.rb
@@ -30,8 +30,11 @@ class UsersController < ApplicationController
end
def update
- if @user.update_attributes(params[:user])
+ @user.attributes = params[:user]
+ if @user.changed? and @user.save
flash[:notice] = t(:user_updated_successfully)
+ else
+ flash[:error] = @user.errors.full_messages
end
respond_with @user, :location => edit_user_path(@user)
end
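Review bot: In `update`, a submission that changes nothing makes `@user.changed?` false, so control falls into the `else` branch and sets `flash[:error]` to an empty `full_messages` array, showing an error flash for a harmless no-op. Replacing `else` with `elsif @user.errors.any?` keeps the error flash for real save failures only. `@user.attributes = params[:user]` also assigns the raw request hash; whether the model restricts which attributes are assignable is not visible here, so it is worth confirming that privileged fields cannot be set through this action. The enclosing class continues outside the hunk.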