Diffstat (limited to 'users/app/controllers')
-rw-r--r-- | users/app/controllers/controller_extension/authentication.rb | 4 | ||||
-rw-r--r-- | users/app/controllers/email_aliases_controller.rb | 39 | ||||
-rw-r--r-- | users/app/controllers/users_controller.rb | 5 |
3 files changed, 46 insertions, 2 deletions
diff --git a/users/app/controllers/controller_extension/authentication.rb b/users/app/controllers/controller_extension/authentication.rb
index 6ac7a5b..f2184d9 100644
--- a/users/app/controllers/controller_extension/authentication.rb
+++ b/users/app/controllers/controller_extension/authentication.rb
@@ -24,7 +24,9 @@ module ControllerExtension::Authentication
 end
 def access_denied
- redirect_to login_url, :alert => "Not authorized"
+ # TODO: should we redirect to the root_url in either case, and have the root_url include the login screen (and also ability to create unauthenticated tickets) when no user is logged in?
+ redirect_to login_url, :alert => "Not authorized" if !logged_in?
+ redirect_to root_url, :alert => "Not authorized" if logged_in?
 end
 def admin?
diff --git a/users/app/controllers/email_aliases_controller.rb b/users/app/controllers/email_aliases_controller.rb
new file mode 100644
index 0000000..751df85
--- /dev/null
+++ b/users/app/controllers/email_aliases_controller.rb
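Review bot: The two modifier-form redirects in `access_denied` test opposite conditions on separate lines, so the guarantee that exactly one redirect is issued rests on `logged_in?` returning the same value twice. A single call makes that explicit and keeps the alert text in one place: `redirect_to (logged_in? ? root_url : login_url), :alert => "Not authorized"`. It would also help to note in a comment that callers used as filters rely on this redirect to halt the request, since nothing else in the method stops execution.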
@@ -0,0 +1,39 @@
+class EmailAliasesController < ApplicationController
+
+ before_filter :fetch_user
+
+ respond_to :html
+
+ # get a list of email aliases for the given user?
+ def index
+ @aliases = @user.email_aliases
+ respond_with @aliases
+ end
+
+ def create
+ @alias = @user.add_email_alias(params[:email_alias])
+ flash[:notice] = t(:email_alias_created_successfully) unless @alias.errors
+ respond_with @alias, :location => edit_user_path(@user, :anchor => :email)
+ end
+
+ def update
+ @alias = @user.get_email_alias(params[:id])
+ @alias.set_email(params[:email_alias])
+ flash[:notice] = t(:email_alias_updated_successfully) unless @alias.errors
+ respond_with @alias, :location => edit_user_path(@user, :anchor => :email)
+ end
+
+ def destroy
+ @alias = @user.get_email_alias(params[:id])
+ flash[:notice] = t(:email_alias_destroyed_successfully)
+ @alias.destroy
+ redirect_to edit_user_path(@user, :anchor => :email)
+ end
+
+ protected
+
+ def fetch_user
+ @user = User.find_by_param(params[:user_id])
+ access_denied unless admin? or (@user == current_user)
+ end
+end
diff --git a/users/app/controllers/users_controller.rb b/users/app/controllers/users_controller.rb
index 4921a4a..811e8e5 100644
--- a/users/app/controllers/users_controller.rb
+++ b/users/app/controllers/users_controller.rb
@@ -30,8 +30,11 @@ class UsersController < ApplicationController
 end
 def update
- if @user.update_attributes(params[:user])
+ @user.attributes = params[:user]
+ if @user.changed? and @user.save
 flash[:notice] = t(:user_updated_successfully)
+ else
+ flash[:error] = @user.errors.full_messages
 end
 respond_with @user, :location => edit_user_path(@user)
 end |
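Review bot: In `fetch_user`, the check `admin? or (@user == current_user)` also passes when both sides are nil, that is, when nobody is logged in and `User.find_by_param` finds no record (assuming it returns nil rather than raising; it is defined outside this diff). The actions would then fail on a nil `@user` instead of denying access, so the filter should require a session explicitly: `access_denied unless logged_in? && (admin? || @user == current_user)`. Separately, in `create` and `update`, `unless @alias.errors` is probably never true if `errors` returns an errors collection, because an empty collection is still truthy. The success flash would then never be set, and `if @alias.errors.empty?` states the intent.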
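Review bot: In `UsersController#update`, a submission that changes nothing now takes the `else` branch, because `@user.changed?` is false and `save` is never called. `flash[:error]` is then set to an empty message list even though no validation failed. Restricting the error branch avoids that: `elsif @user.errors.any?`. Note also that `flash[:error]` receives an Array here while `flash[:notice]` receives a string, so the view has to handle both. The hunk still assigns `params[:user]` wholesale, as before, so the model's attribute protection (not visible here) is what keeps a user from setting privileged fields on their own record.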