
destroy action with a before_filter to check for admin.

1 parent 72ccfed commit 30a8f260cb3e0f43d8db7354acfde556fd6791f6 @sabman committed Mar 4, 2012
Showing with 11 additions and 0 deletions.
  1. +11 −0 app/controllers/users_controller.rb
@@ -1,6 +1,7 @@
class UsersController < ApplicationController
before_filter :signed_in_user, only: [:index, :edit, :update]
before_filter :correct_user, only: [:edit, :update]
+ before_filter :admin_user, only: :destroy
def index
@users = User.paginate(page: params[:page])
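Review bot: The new `admin_user` filter guards destroy, but `signed_in_user` on the line above still covers only index, edit and update, so an unauthenticated DELETE reaches `current_user.admin?` (added in the last hunk) with nobody signed in. If `current_user` returns nil in that case (its definition is not shown here), the call raises NoMethodError and the visitor gets a 500 instead of the sign-in redirect; the deletion is still blocked, but only as a side effect of the exception. Add destroy to the first filter, `before_filter :signed_in_user, only: [:index, :edit, :update, :destroy]`, so the admin check always runs against an authenticated user.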
@@ -38,6 +39,12 @@ def update
end
end
+ def destroy
+ User.find(params[:id]).destroy
+ flash[:success] = "User destroyed."
+ redirect_to users_path
+ end
+
private
def signed_in_user
unless signed_in?
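Review bot: `destroy` deletes whichever id is passed, including the admin's own, so an admin can remove their own account and, if they are the only one, leave the application without an admin. Load the record first and refuse that case: `user = User.find(params[:id])`, then `return redirect_to(root_path) if current_user?(user)` before `user.destroy`. The success flash is also set without checking the return value of `destroy`, which is false when a callback halts the deletion. The trailing context of this hunk is the start of signed_in_user, whose body continues outside the hunk.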
@@ -50,4 +57,8 @@ def correct_user
@user = User.find(params[:id])
redirect_to(root_path) unless current_user?(@user)
end
+
+ def admin_user
+ redirect_to root_path unless current_user.admin?
+ end
end
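Review bot: A rejected destroy attempt leaves no trace: `admin_user` sends a non-admin to root_path and records nothing, so repeated probing of the admin-only action would not show up for anyone reading the logs. Consider logging the denial before the redirect, for example `logger.warn "destroy denied for user id=#{current_user.id}"`. A one-line comment above the method stating that it is the only authorization check on destroy would also help the next maintainer.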
