1  class Admin::UsersController < Admin::ResourceController
   2    paginate_models
   3    only_allow_access_to :index, :show, :new, :create, :edit, :update, :remove, :destroy,
   4      :when => :admin,
   5      :denied_url => { :controller => 'pages', :action => 'index' },
   6      :denied_message => 'You must have administrative privileges to perform this action.'
   7 
   8    before_filter :ensure_deletable, :only => [:remove, :destroy]
   9    
  10    def show
  11      redirect_to edit_admin_user_path(params[:id])
  12    end
  13    
  14    def update
  15      user_params = params[model_symbol]
  16      if user_params && user_params['admin'] == false && model == current_user
  17        user_params.delete('admin')
  18        annouce_cannot_remove_self_from_admin_role
  19      end
  20      model.update_attributes!(user_params)
  21      response_for :update
  22    end
  23    
  24    def ensure_deletable
  25      if current_user.id.to_s == params[:id].to_s
  26        announce_cannot_delete_self
  27        redirect_to admin_users_url
  28      end
  29    end
  30    
  31    private
  32    
  33      def announce_cannot_delete_self
  34        flash[:error] = t('users_controller.cannot_delete_self')
  35      end  
  36      
  37      def annouce_cannot_remove_self_from_admin_role
  38        flash[:error] = 'You cannot remove yourself from the admin role.'
  39      end
  40  end