
allow admin to change user's role

1 parent b815b41 commit 003796b009c507b423e74333a7bd1ad21833d979 @DanielKehoe DanielKehoe committed Oct 10, 2012
Showing with 46 additions and 10 deletions.
  1. +3 −3 Gemfile.lock
  2. +12 −2 app/controllers/users_controller.rb
  3. +1 −0 app/models/user.rb
  4. +15 −0 app/views/users/_user.html.erb
  5. +6 −3 app/views/users/index.html.erb
  6. +1 −1 config/routes.rb
  7. +8 −1 db/seeds.rb
@@ -78,7 +78,7 @@ GEM
factory_girl (~> 4.1.0)
railties (>= 3.0.0)
ffi (1.1.5)
- gherkin (2.11.2)
+ gherkin (2.11.4)
json (>= 1.4.6)
hike (1.2.1)
i18n (0.6.1)
@@ -152,7 +152,7 @@ GEM
libwebsocket (~> 0.1.3)
multi_json (~> 1.0)
rubyzip
- simple_form (2.0.3)
+ simple_form (2.0.4)
actionpack (~> 3.0)
activemodel (~> 3.0)
sprockets (2.1.3)
@@ -162,7 +162,7 @@ GEM
sqlite3 (1.3.6)
thor (0.16.0)
tilt (1.3.3)
- treetop (1.4.10)
+ treetop (1.4.11)
polyglot
polyglot (>= 0.3.1)
tzinfo (0.3.33)
@@ -10,14 +10,24 @@ def show
@user = User.find(params[:id])
end
+ def update
+ authorize! :update, @user, :message => 'Not authorized as an administrator.'
+ @user = User.find(params[:id])
+ if @user.update_attributes(params[:user], :as => :admin)
+ redirect_to users_path, :notice => "User updated."
+ else
+ redirect_to users_path, :alert => "Unable to update user."
+ end
+ end
+
def destroy
authorize! :destroy, @user, :message => 'Not authorized as an administrator.'
user = User.find(params[:id])
unless user == current_user
user.destroy
- redirect_to users_url, :notice => "User deleted."
+ redirect_to users_path, :notice => "User deleted."
else
- redirect_to users_url, :notice => "Can't delete yourself."
+ redirect_to users_path, :notice => "Can't delete yourself."
end
end
end
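Review bot: In `update`, `authorize! :update, @user` runs one line before `@user` is assigned, so unless a filter outside this hunk sets it, the check is made against nil rather than the record being changed. Because `update_attributes(params[:user], :as => :admin)` always applies the admin mass-assignment role, this call is the only gate on who may write `role_ids`, so it should see the real record: put `@user = User.find(params[:id])` first and `authorize! :update, @user, :message => 'Not authorized as an administrator.'` second. The `destroy` action shown as context has the same ordering; it authorizes `@user` but loads the record into a local `user`. The controller class begins outside this hunk.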
@@ -7,6 +7,7 @@ class User < ActiveRecord::Base
:recoverable, :rememberable, :trackable, :validatable
# Setup accessible (or protected) attributes for your model
+ attr_accessible :role_ids, :as => :admin
attr_accessible :name, :email, :password, :password_confirmation, :remember_me
end
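Review bot: The added `attr_accessible :role_ids, :as => :admin` line carries no comment explaining that the `:admin` mass-assignment role is chosen by the caller and is not derived from the signed-in user's roles. A short comment above it would make that contract explicit, for example `# role_ids is writable only with :as => :admin; callers must authorize the current user before passing that option.` The class body starts and ends outside what the hunk shows in full.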
@@ -0,0 +1,15 @@
+<div id="role-options-<%= user.id %>" class="modal" style="display: none;">
+ <%= simple_form_for user, :url => user_path(user), :html => {:method => :put, :class => 'form-horizontal' } do |f| %>
+ <div class="modal-header">
+ <a class="close" data-dismiss="modal">&#215;</a>
+ <h3>Change Role</h3>
+ </div>
+ <div class="modal-body">
+ <%= f.input :role_ids, :collection => Role.all, :as => :radio_buttons, :label_method => lambda {|t| t.name.titleize}, :label => false, :item_wrapper_class => 'inline' %>
+ </div>
+ <div class="modal-footer">
+ <%= f.submit "Change Role", :class => "btn" %>
+ <a class="btn" data-dismiss="modal" href="#">Close</a>
+ </div>
+ <% end %>
+</div>
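Review bot: `Role.all` is evaluated inside the partial in the `f.input :role_ids` line, and index.html.erb renders this partial once per user row, so the role list is fetched again for every row (the per-request query cache may absorb the SQL, but the records are still rebuilt each time). Loading the roles once in the controller's `index` action, e.g. `@roles = Role.all`, and using `:collection => @roles` here keeps the query out of the view. The partial also has no header comment saying it expects a `user` local and is meant for administrators only; a one-line ERB comment at the top would help.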
@@ -1,11 +1,11 @@
<h3>Users</h3>
<div class="span6">
-<table class="table table-striped table-condensed">
+<table class="table table-condensed">
<thead>
<tr>
<th>Username</th>
<th>Email</th>
- <th>Date registered</th>
+ <th>Registered</th>
<th>Role</th>
<th></th>
<th></th>
@@ -18,7 +18,10 @@
<td><%= user.email %></td>
<td><%= user.created_at.to_date %></td>
<td><%= user.roles.first.name.titleize unless user.roles.first.nil? %></td>
- <td><a data-toggle="modal" href="#role-options" class="btn btn-mini" type="button">Change role</a></td>
+ <td>
+ <a data-toggle="modal" href="#role-options-<%= user.id %>" class="btn btn-mini" type="button">Change role</a>
+ <%= render user %>
+ </td>
<td><%= link_to("Delete user", user_path(user), :data => { :confirm => "Are you sure?" }, :method => :delete, :class => 'btn btn-mini') unless user == current_user %></td>
</tr>
<% end %>
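Review bot: The new "Change role" link and `<%= render user %>` are emitted for every row, including the signed-in administrator's own, while the "Delete user" link on the next line is suppressed with `unless user == current_user`. An administrator can therefore remove their own admin role, and if they are the only one the application is left without an administrator. I would wrap the new cell content in `<% unless user == current_user %> … <% end %>` and mirror the guard that `destroy` already has in the `update` action, since hiding the form alone does not stop a direct PUT.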
@@ -4,5 +4,5 @@
end
root :to => "home#index"
devise_for :users
- resources :users, :only => [:show, :index, :destroy]
+ resources :users, :only => [:show, :index, :update, :destroy]
end
@@ -5,9 +5,16 @@
#
# cities = City.create([{ name: 'Chicago' }, { name: 'Copenhagen' }])
# Mayor.create(name: 'Emanuel', city: cities.first)
+puts 'CREATING ROLES'
+Role.create([
+ { :name => 'admin' },
+ { :name => 'user' },
+ { :name => 'VIP' }
+], :without_protection => true)
puts 'SETTING UP DEFAULT USER LOGIN'
user = User.create! :name => 'First User', :email => 'user@example.com', :password => 'please', :password_confirmation => 'please'
puts 'New user created: ' << user.name
+user.add_role :admin
user2 = User.create! :name => 'Second User', :email => 'user2@example.com', :password => 'please', :password_confirmation => 'please'
puts 'New user created: ' << user2.name
-user.add_role :admin
+user.add_role :VIP
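Review bot: The last added line calls `user.add_role :VIP` on the first user, who was already given `:admin` a few lines earlier, so the second user ends up with no role; this looks like it was meant to be `user2.add_role :VIP`. The seeded administrator is also created with a fixed e-mail and password written in the file, so anything beyond a local development database should take those values from configuration instead. `Role.create([...])` will also insert the three roles again on every run of the seeds unless the Role model validates uniqueness, which is not visible here.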
