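# Admin-side controller for user accounts. Every listed action is restricted
# to administrators, and two guards stop the signed-in administrator from
# deleting their own account or clearing their own admin flag.
class Admin::UsersController < Admin::ResourceController
  # Values of a submitted 'admin' flag that count as "keep/grant admin".
  # Anything else (false, "0", "false", "", nil, ...) is treated as an attempt
  # to clear the flag. Form posts deliver strings, so comparing against the
  # boolean `false` alone never matches a normal browser submission.
  # NOTE(review): the list is meant to mirror what the ORM casts to true;
  # confirm against the Rails version in use. A value missing from this list
  # only makes the guard stricter (the flag is left unchanged).
  ADMIN_FLAG_TRUE_VALUES = [true, 1, '1', 't', 'T', 'true', 'TRUE'].freeze

  paginate_models

  # Access control: all listed actions require the :admin condition; anyone
  # else is sent to pages#index with the message below.
  only_allow_access_to :index, :show, :new, :create, :edit, :update, :remove, :destroy,
    :when => :admin,
    :denied_url => { :controller => 'pages', :action => 'index' },
    :denied_message => 'You must have administrative privileges to perform this action.'

  before_filter :ensure_deletable, :only => [:remove, :destroy]

  # There is no separate read-only view; showing a user goes to the edit form.
  def show
    redirect_to edit_admin_user_path(params[:id])
  end

  # Applies the submitted attributes to the user being edited. If the current
  # user is editing their own record and the submission would clear the admin
  # flag, that key is dropped and an error is flashed; the rest of the update
  # still goes through.
  def update
    user_params = params[model_symbol]
    if revoking_own_admin?(user_params)
      user_params.delete('admin')
      annouce_cannot_remove_self_from_admin_role
    end
    # NOTE(review): the whole submitted hash is mass-assigned; which
    # attributes are assignable is decided by the model, which is not visible
    # here. Confirm it protects anything an admin should not set this way.
    model.update_attributes!(user_params)
    response_for :update
  end

  # before_filter for :remove and :destroy. Ids are compared as strings so an
  # Integer id and a String param match. When the target is the current user,
  # the redirect issued here stops the action from running.
  # NOTE(review): this method is defined above `private`, so it is a public
  # controller method; consider moving it below `private` if nothing calls it
  # from outside.
  def ensure_deletable
    if current_user.id.to_s == params[:id].to_s
      announce_cannot_delete_self
      redirect_to admin_users_url
    end
  end

  private

  # True when the submitted attributes carry an 'admin' key whose value is not
  # a recognised true value AND the record being edited is the current user.
  def revoking_own_admin?(user_params)
    return false unless user_params.respond_to?(:key?) && user_params.key?('admin')
    return false if ADMIN_FLAG_TRUE_VALUES.include?(user_params['admin'])
    model == current_user
  end

  def announce_cannot_delete_self
    flash[:error] = t('users_controller.cannot_delete_self')
  end

  # (Method name spelling kept as-is so existing callers keep working.)
  def annouce_cannot_remove_self_from_admin_role
    flash[:error] = 'You cannot remove yourself from the admin role.'
  end
end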