Skip to content
This repository

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse code

Add same protections to deleting users as demoting

  • Loading branch information...
commit 32d8f192052de0f58620f3d9e866d1bedd722f98 1 parent b8ec3bb
Mark Tabler authored June 10, 2013
2  app/controllers/admin/users_controller.rb
@@ -31,7 +31,7 @@ def demote
31 31
 
32 32
   def destroy
33 33
     @user = User.find(params[:id])
34  
-    @user.destroy
  34
+    @user.destroy unless @user == current_user
35 35
     return redirect_to admin_users_path
36 36
   end
37 37
   
2  app/views/admin/users/index.html.erb
@@ -21,7 +21,7 @@
21 21
     <td><%= link_to user.name, edit_admin_user_path(user) %></td>
22 22
     <td><%= user.pincode %></td>
23 23
     <td><%= user.admin? ? "Yes" : "No" %></td>
24  
-    <td><%= link_to "Delete", admin_user_path(user), method: :delete, data: { confirm: "Delete #{user.name}? This action cannot be undone."} %></td>
  24
+    <td><%= link_to "Delete", admin_user_path(user), method: :delete, data: { confirm: "Delete #{user.name}? This action cannot be undone."} unless user == current_user %></td>
25 25
   </tr>
26 26
   <% end %>
27 27
 </table>

0 notes on commit 32d8f19

Please sign in to comment.
Something went wrong with that request. Please try again.