class Admin::UsersController < Noodall::Admin::BaseController include SortableTable::App::Controllers::ApplicationController sortable_attributes :name, :email, :role # GET /users # GET /users.xml def index @users = User.paginate :page => params[:page], :per_page => 20, :order => sort_order(:default => 'asc') respond_to do |format| format.html # index.html.erb format.xml { render :xml => @users } end end # GET /users/new # GET /users/new.xml def new @user = User.new render :action => 'show' end # GET /users/1/edit def show @user = User.find(params[:id]) end # POST /users # POST /users.xml def create @user = User.new(params[:user]) do |user| # No need for email confirmation user.email_confirmed = true # Because mass assignment is protected user.role = params[:user][:role] end respond_to do |format| if @user.save flash[:notice] = 'User was successfully created.' format.html { redirect_to(admin_users_url) } format.xml { render :xml => @user, :status => :created, :location => @user } else format.html { render :action => "show" } format.xml { render :xml => @user.errors, :status => :unprocessable_entity } end end end # PUT /users/1 # PUT /users/1.xml def update @user = User.find(params[:id]) # Remove password params if blank so devise does not validate them if params[:user][:password].blank? params[:user].delete(:password) params[:user].delete(:password_confirmation) end respond_to do |format| if @user.update_attributes(params[:user]) flash[:notice] = 'User was successfully updated.' format.html { redirect_to(admin_users_url) } format.xml { head :ok } else format.html { render :action => "show" } format.xml { render :xml => @user.errors, :status => :unprocessable_entity } end end end # DELETE /users/1 # DELETE /users/1.xml def destroy @user = User.find(params[:id]) @user.destroy flash[:notice] = 'User was successfully deleted.' respond_to do |format| format.html { redirect_to(admin_users_url) } format.xml { head :ok } end end end