Sha256: 8d6a158f8b7b6427ec42b35829c46f0ef23867308de9272ed7286952e81a3ca8
Contents?: true
Size: 1.6 KB
Versions: 1
Compression:
Stored size: 1.6 KB
Contents
class Users::Base::UsersController < AbstractResourcesController
# before_filter :authenticate_user!
# after_action :verify_authorized
before_filter :check_user_permissions, only: :create
# def index
# @users = User.all
# authorize User
# end
# def index
# @resources = policy_scope(User)
# authorize User
# end
#
# def show
# @user = User.find(params[:id])
# authorize @user
# end
#
# def update
# @user = User.find(params[:id])
# authorize @user
# if @user.update_attributes(secure_params)
# redirect_to users_path, :notice => "User updated."
# else
# redirect_to users_path, :alert => "Unable to update user."
# end
# end
#
# def destroy
# user = User.find(params[:id])
# authorize user
# user.destroy
# redirect_to users_path, :notice => "User deleted."
# end
def update
if params[:user][:password].blank? && params[:user][:password].blank?
params[:user].delete :password
params[:user].delete :password_confirmation
end
authorize resource
resource.max_role = current_user.role
if resource.update_attributes(secure_params)
redirect_to users_path, :notice => "User updated."
else
render :edit, :alert => "Unable to update user."
end
# super
end
private
def resource_params
secure_params
end
def secure_params
params.require(:user).permit(:role,:name,:email,:active,:account_id, :password, :password_confirmation)
end
def check_user_permissions
# UserPermission.where(email: params[:user][:email]).count == 1
end
end
Version data entries
1 entries across 1 versions & 1 rubygems
| Version | Path |
|---|---|
| oxen_account-0.1.1 | app/controllers/users/base/users_controller.rb |