Method: UsersController#update

Defined in:
app/controllers/users_controller.rb

#updateObject



45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
# File 'app/controllers/users_controller.rb', line 45

def update
  @user = User.find(params[:id])
  authorize! :update, @user

  # strip out role and active params so that a non admin
  # could not change his own role and permissions
  params = can?(:manage, User) ? user_params : user_params.except(:active, :role, :comment)

  if @user.update(params)
    flash[:success] = I18n.t('txt.controllers.users.successfully_updated')
    redirect_to can?(:manage, User) ? users_path : dashboard_path
  else
    render action: :edit
  end
end