lib/ditty/controllers/users.rb in ditty-0.3.0 vs lib/ditty/controllers/users.rb in ditty-0.3.1
- old
+ new
@@ -93,13 +93,16 @@
values = permitted_attributes(settings.model_class, :update)
roles = values.delete('role_id')
entity.set values
if entity.valid? && entity.save
- entity.remove_all_roles
- roles.each { |role_id| entity.add_role(role_id) } if roles
- entity.check_roles
+ if roles
+ entity.remove_all_roles
+ roles.each { |role_id| entity.add_role(role_id) }
+ entity.check_roles
+ end
+
log_action("#{dehumanized}_update".to_sym) if settings.track_actions
respond_to do |format|
format.html do
flash[:success] = "#{heading} Updated"
redirect "/users/#{entity.id}"
@@ -110,11 +113,18 @@
body entity.to_hash.to_json
status 200
end
end
else
- haml :"#{view_location}/edit", locals: { entity: entity, title: heading(:edit) }
+ respond_to do |format|
+ format.html do
+ haml :"#{view_location}/edit", locals: { entity: entity, title: heading(:edit) }
+ end
+ format.json do
+ 400
+ end
+ end
end
end
put '/:id/identity' do |id|
entity = dataset[id.to_i]
@@ -138,11 +148,11 @@
values = permitted_attributes(Identity, :create)
identity.set values
if identity.valid? && identity.save
log_action("#{dehumanized}_update_password".to_sym) if settings.track_actions
flash[:success] = 'Password Updated'
- redirect "#{base_path}/#{entity.id}"
- elsif current_user.super_admin?
+ redirect back
+ elsif current_user.super_admin? && current_user.id != id
haml :"#{view_location}/display", locals: { entity: entity, identity: identity, title: heading }
else
haml :"#{view_location}/profile", locals: { entity: entity, identity: identity, title: heading }
end
end