Class: UsersController

Inherits:
ApplicationController show all
Defined in:
app/controllers/users_controller.rb

Overview

Copyright 2011-2013 innoQ Deutschland GmbH

Licensed under the Apache License, Version 2.0 (the “License”); you may not use this file except in compliance with the License. You may obtain a copy of the License at

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an “AS IS” BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.

Instance Method Summary collapse

Instance Method Details

#createObject

[View source]

28
29
30
31
32
33
34
35
36
37
38
# File 'app/controllers/users_controller.rb', line 28

def create
  authorize! :create, User
  @user = User.new(user_params)

  if @user.save
    flash[:success] = I18n.t('txt.controllers.users.successfully_created')
    redirect_to users_path
  else
    render action: :new
  end
end

#destroyObject

[View source]

61
62
63
64
65
66
67
68
# File 'app/controllers/users_controller.rb', line 61

def destroy
  @user = User.find(params[:id])
  authorize! :destroy, @user

  @user.destroy

  redirect_to users_path
end

#editObject

[View source]

40
41
42
43
# File 'app/controllers/users_controller.rb', line 40

def edit
  @user = User.find(params[:id])
  authorize! :update, @user
end

#indexObject

[View source]

18
19
20
21
# File 'app/controllers/users_controller.rb', line 18

def index
  @users = User.all
  authorize! :read, User
end

#newObject

[View source]

23
24
25
26
# File 'app/controllers/users_controller.rb', line 23

def new
  authorize! :create, User
  @user = User.new
end

#updateObject

[View source]

45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
# File 'app/controllers/users_controller.rb', line 45

def update
  @user = User.find(params[:id])
  authorize! :update, @user

  # strip out role and active params so that a non admin
  # could not change his own role and permissions
  params = can?(:manage, User) ? user_params : user_params.except(:active, :role, :comment)

  if @user.update(params)
    flash[:success] = I18n.t('txt.controllers.users.successfully_updated')
    redirect_to can?(:manage, User) ? users_path : dashboard_path
  else
    render action: :edit
  end
end