Patch #11057 » 0001-Confirm-admin-flag-change-on-a-separate-page.patch
| app/controllers/users_controller.rb | ||
|---|---|---|
| 19 | 19 |
layout 'admin' |
| 20 | 20 | |
| 21 | 21 |
before_filter :require_admin, :except => :show |
| 22 |
before_filter :find_user, :only => [:show, :edit, :update, :destroy, :edit_membership, :destroy_membership] |
|
| 22 |
before_filter :find_user, :only => [:show, :edit, :update, :destroy, :edit_membership, :destroy_membership, :edit_admin, :update_admin] |
|
| 23 |
before_filter :check_self, :only => [:edit_admin, :update_admin] |
|
| 23 | 24 |
accept_api_auth :index, :show, :create, :update, :destroy |
| 24 | 25 | |
| 25 | 26 |
helper :sort |
| ... | ... | |
| 96 | 97 |
def create |
| 97 | 98 |
@user = User.new(:language => Setting.default_language, :mail_notification => Setting.default_notification_option) |
| 98 | 99 |
@user.safe_attributes = params[:user] |
| 99 |
@user.admin = params[:user][:admin] || false
|
|
| 100 |
@user.admin = false |
|
| 100 | 101 |
@user.login = params[:user][:login] |
| 101 | 102 |
@user.password, @user.password_confirmation = params[:user][:password], params[:user][:password_confirmation] unless @user.auth_source_id |
| 102 | 103 | |
| ... | ... | |
| 139 | 140 | |
| 140 | 141 |
verify :method => :put, :only => :update, :render => {:nothing => true, :status => :method_not_allowed }
|
| 141 | 142 |
def update |
| 142 |
@user.admin = params[:user][:admin] if params[:user][:admin] |
|
| 143 | 143 |
@user.login = params[:user][:login] if params[:user][:login] |
| 144 | 144 |
if params[:user][:password].present? && (@user.auth_source_id.nil? || params[:user][:auth_source_id].blank?) |
| 145 | 145 |
@user.password, @user.password_confirmation = params[:user][:password], params[:user][:password_confirmation] |
| ... | ... | |
| 225 | 225 |
end |
| 226 | 226 |
end |
| 227 | 227 | |
| 228 |
def edit_admin |
|
| 229 |
end |
|
| 230 | ||
| 231 |
def update_admin |
|
| 232 |
@user.admin = params[:admin] if params[:admin] |
|
| 233 |
if @user.save |
|
| 234 |
respond_to do |format| |
|
| 235 |
format.html {
|
|
| 236 |
flash[:notice] = l(:notice_successful_update) |
|
| 237 |
redirect_to :controller => 'users', :action => 'edit', :id => @user |
|
| 238 |
} |
|
| 239 |
end |
|
| 240 |
end |
|
| 241 |
end |
|
| 242 | ||
| 228 | 243 |
private |
| 229 | 244 | |
| 230 | 245 |
def find_user |
| ... | ... | |
| 237 | 252 |
rescue ActiveRecord::RecordNotFound |
| 238 | 253 |
render_404 |
| 239 | 254 |
end |
| 255 | ||
| 256 |
def check_self |
|
| 257 |
# prevent user from unsetting admin flag on himself |
|
| 258 |
redirect_to(:controller => 'users', :action => 'edit', :id => @user) if @user == User.current |
|
| 259 |
end |
|
| 240 | 260 |
end |
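Review bot: `update_admin` (new lines 231–241) has no failure branch and no HTTP-method guard of its own. When `@user.save` returns false, the action falls through to Rails' implicit render of an `update_admin` template, which this patch does not add; an `else` branch such as `render :action => 'edit_admin'` would show the validation errors instead. The existing `update` action is covered by `verify :method => :put, ...`, and this privilege-changing action would be safer with the same kind of guard, `verify :method => :post, :only => :update_admin, :render => {:nothing => true, :status => :method_not_allowed }`, rather than relying only on the route definition to keep it from being reached by GET, where the forgery token is presumably not checked. Separately, `create` now forces `@user.admin = false`, `update` no longer assigns `params[:user][:admin]`, and `update_admin` is not listed in `accept_api_auth`, so API clients that used to set the flag appear to lose that ability without any error; that deserves a mention in the patch description.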
| app/views/users/_form.html.erb | ||
|---|---|---|
| 18 | 18 |
<p><%= custom_field_tag_with_label :user, value %></p> |
| 19 | 19 |
<% end %> |
| 20 | 20 | |
| 21 |
<p><%= f.check_box :admin, :disabled => (@user == User.current) %></p> |
|
| 21 |
<p> |
|
| 22 |
<%= f.check_box :admin, :disabled => true %> |
|
| 23 |
<%= link_to(l(:button_edit), edit_admin_user_path(@user)) unless @user == User.current %> |
|
| 24 |
</p> |
|
| 22 | 25 |
<%= call_hook(:view_users_form, :user => @user, :form => f) %> |
| 23 | 26 |
</fieldset> |
| 24 | 27 | |
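Review bot: The new `link_to(l(:button_edit), edit_admin_user_path(@user))` on new line 23 is guarded only by `unless @user == User.current`, so it is also evaluated for a user record that has not been saved yet. If this partial is rendered by the new-user form as well (not visible in this section), `edit_admin_user_path` is called with a record that has no id and will probably fail to generate a URL. Extending the guard to `unless @user.new_record? || @user == User.current` avoids that and matches the `create` hunk, which always sets the flag to false for new accounts.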
| app/views/users/edit_admin.html.erb | ||
|---|---|---|
| 1 |
<h2><%=l(:label_confirmation)%></h2> |
|
| 2 |
<div class="warning"> |
|
| 3 |
<p><strong><%=h @user.login %></strong><br /> |
|
| 4 |
<%=l(:text_user_admin_flag_confirmation)%> |
|
| 5 | ||
| 6 |
<p> |
|
| 7 |
<% form_tag(update_admin_user_path(@user), :method => :post) do %> |
|
| 8 |
<%= hidden_field_tag 'admin', '0' %> |
|
| 9 |
<label><%= check_box_tag 'admin', 1, @user.admin? %> <%= l(:field_admin) %></label> |
|
| 10 |
<%= submit_tag l(:button_save) %> |
|
| 11 |
<% end %> |
|
| 12 |
</p> |
|
| 13 |
</div> |
|
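Review bot: The `<p>` opened on line 3 is never closed before the second `<p>` on line 6, and the `form_tag` block sits inside that second paragraph, which is not valid nesting for a form; browsers will close the paragraph implicitly when they reach the form, so the rendered structure differs from what the template suggests. Closing the first paragraph after the confirmation text on line 4 and placing the form directly inside the `div` fixes this. Since this page is the only confirmation step before a privilege change, it would also help to state the account's current status (administrator or not) next to `@user.login`, so the person submitting can see what the save will change.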
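--- a/config/locales/en.yml
+++ b/config/locales/en.yml
@@ -961,6 +961,7 @@
 text_scm_command_version: Version
 text_scm_config: You can configure your scm commands in config/configuration.yml. Please restart the application after editing it.
 text_scm_command_not_available: Scm command is not available. Please check settings on the administration panel.
+text_user_admin_flag_confirmation: "You can change the administrator flag for this user below:"
 
 default_role_manager: Manager
 default_role_developer: Developer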
| config/routes.rb | ||
|---|---|---|
| 132 | 132 | |
| 133 | 133 |
map.resources :users, :member => {
|
| 134 | 134 |
:edit_membership => :post, |
| 135 |
:destroy_membership => :post |
|
| 135 |
:destroy_membership => :post, |
|
| 136 |
:edit_admin => :get, |
|
| 137 |
:update_admin => :post |
|
| 136 | 138 |
} |
| 137 | 139 | |
| 138 | 140 |
# For nice "roadmap" in the url for the index action |