0001-Confirm-admin-flag-change-on-a-separate-page.patch

Alex Shulgin, 2012-05-30 16:44

Download (5.61 KB)

View differences:

app/controllers/users_controller.rb
19 19
  layout 'admin'
20 20

  
21 21
  before_filter :require_admin, :except => :show
22
  before_filter :find_user, :only => [:show, :edit, :update, :destroy, :edit_membership, :destroy_membership]
22
  before_filter :find_user, :only => [:show, :edit, :update, :destroy, :edit_membership, :destroy_membership, :edit_admin, :update_admin]
23
  before_filter :check_self, :only => [:edit_admin, :update_admin]
23 24
  accept_api_auth :index, :show, :create, :update, :destroy
24 25

  
25 26
  helper :sort
......
96 97
  def create
97 98
    @user = User.new(:language => Setting.default_language, :mail_notification => Setting.default_notification_option)
98 99
    @user.safe_attributes = params[:user]
99
    @user.admin = params[:user][:admin] || false
100
    @user.admin = false
100 101
    @user.login = params[:user][:login]
101 102
    @user.password, @user.password_confirmation = params[:user][:password], params[:user][:password_confirmation] unless @user.auth_source_id
102 103

  
......
139 140

  
140 141
  verify :method => :put, :only => :update, :render => {:nothing => true, :status => :method_not_allowed }
141 142
  def update
142
    @user.admin = params[:user][:admin] if params[:user][:admin]
143 143
    @user.login = params[:user][:login] if params[:user][:login]
144 144
    if params[:user][:password].present? && (@user.auth_source_id.nil? || params[:user][:auth_source_id].blank?)
145 145
      @user.password, @user.password_confirmation = params[:user][:password], params[:user][:password_confirmation]
......
225 225
    end
226 226
  end
227 227

  
228
  def edit_admin
229
  end
230

  
231
  def update_admin
232
    @user.admin = params[:admin] if params[:admin]
233
    if @user.save
234
      respond_to do |format|
235
        format.html {
236
          flash[:notice] = l(:notice_successful_update)
237
          redirect_to :controller => 'users', :action => 'edit', :id => @user
238
        }
239
      end
240
    end
241
  end
242

  
228 243
  private
229 244

  
230 245
  def find_user
......
237 252
  rescue ActiveRecord::RecordNotFound
238 253
    render_404
239 254
  end
255

  
256
  def check_self
257
    # prevent user from unsetting admin flag on himself
258
    redirect_to(:controller => 'users', :action => 'edit', :id => @user) if @user == User.current
259
  end
240 260
end
app/views/users/_form.html.erb
18 18
    <p><%= custom_field_tag_with_label :user, value %></p>
19 19
  <% end %>
20 20

  
21
  <p><%= f.check_box :admin, :disabled => (@user == User.current) %></p>
21
  <p>
22
   <%= f.check_box :admin, :disabled => true %>
23
   <%= link_to(l(:button_edit), edit_admin_user_path(@user)) unless @user == User.current %>
24
  </p>
22 25
  <%= call_hook(:view_users_form, :user => @user, :form => f) %>
23 26
</fieldset>
24 27

  
app/views/users/edit_admin.html.erb
1
<h2><%=l(:label_confirmation)%></h2>
2
<div class="warning">
3
<p><strong><%=h @user.login %></strong><br />
4
<%=l(:text_user_admin_flag_confirmation)%>
5

  
6
<p>
7
 <% form_tag(update_admin_user_path(@user), :method => :post) do %>
8
   <%= hidden_field_tag 'admin', '0' %>
9
   <label><%= check_box_tag 'admin', 1, @user.admin? %> <%= l(:field_admin) %></label>
10
   <%= submit_tag l(:button_save) %>
11
 <% end %>
12
</p>
13
</div>
config/locales/en.yml
961 961
  text_scm_command_version: Version
962 962
  text_scm_config: You can configure your scm commands in config/configuration.yml. Please restart the application after editing it.
963 963
  text_scm_command_not_available: Scm command is not available. Please check settings on the administration panel.
964
  text_user_admin_flag_confirmation: "You can change the administrator flag for this user below:"
964 965

  
965 966
  default_role_manager: Manager
966 967
  default_role_developer: Developer
config/routes.rb
132 132

  
133 133
  map.resources :users, :member => {
134 134
    :edit_membership => :post,
135
    :destroy_membership => :post
135
    :destroy_membership => :post,
136
    :edit_admin => :get,
137
    :update_admin => :post
136 138
  }
137 139

  
138 140
  # For nice "roadmap" in the url for the index action
139
-