admin status change

2011-02-08 14:51:49 +08:00 · 2011-02-08 14:51:49 +08:00 · 4b4cdbfd31
parent e360baadde
commit 4b4cdbfd31
7 changed files with 17 additions and 3 deletions
--- a/app/controllers/panel/users_controller.rb
+++ b/app/controllers/panel/users_controller.rb
@ -43,7 +43,10 @@ class Panel::UsersController < ApplicationController
    @user.remove_avatar! if params[:file]
    @user.avatar = params[:file] if params[:file]
-    if @user.update_attributes(params[:user])
+    if @user.id.to_s.eql?(session['warden.user.user.key'][1].to_s) && @user.admin != params[:user][:admin].to_i.to_b
      flash.now[:error] = t('panel.cant_revoke_self_admin')
    end
    if !flash[:error] && @user.update_attributes(params[:user])
      flash[:notice] = t('panel.update_success_user')
      redirect_to :action => :index
    else
--- a/app/models/user.rb
+++ b/app/models/user.rb
@ -11,7 +11,7 @@ class User
  embeds_many :user_roles
  embeds_many :user_infos
-  before_update :clean_active_roles
+  before_save :clean_active_roles
  # Update or create the user_role records
  def user_roles=(*attrs)
--- a/app/views/panel/users/_form.html.erb
+++ b/app/views/panel/users/_form.html.erb
@ -17,6 +17,10 @@
    <%= f.label :email %>
    <%= f.text_field :email %>
  </p>
  <p>
    <%= t('panel.admin') %>
    <%= f.check_box :admin %>
  </p>
 </div>
 <% if @user_info_models %>
@ -32,7 +36,6 @@
  </fieldset>
 <% end %>
 <%= hidden_field_tag :active_roles, (@user.active_roles.size > 0 rescue nil ) %>
 <% if @user_role_models %>
  <fieldset id="roles" <%= raw(' style="display: none;"') unless (@user.active_roles.size > 0 rescue nil) %>>
  <legend><%= t('panel.roles') %></legend>
--- a/app/views/panel/users/edit.html.erb
+++ b/app/views/panel/users/edit.html.erb
@ -4,6 +4,8 @@
    </ul>
 <% end -%>
 <%= flash_messages %>
 <h1><%= t('panel.user_panel') %></h1>
 <%= form_for @user, :url => panel_user_path(@user), :html => { :multipart => true } do |f| %>
--- a/app/views/panel/users/index.html.erb
+++ b/app/views/panel/users/index.html.erb
@ -13,6 +13,7 @@
    <th><%= t('panel.roles') %></th>
    <th><%= t('panel.name') %></th>
    <th><%= t('panel.email') %></th>
    <th><%= t('panel.admin') %></th>
    <th><%= t('panel.action') %></th>
  </tr>
@ -21,6 +22,7 @@
      <td><%= user.get_roles %></td>
      <td><%= user[:name] %></td>
      <td><%= user.email %></td>
      <td><%= user.admin ? t(:yes_) : t(:no_) %></td>
      <td>
        <%= link_to t(:show), panel_user_path(user) %> |
        <%= link_to t(:edit), edit_panel_user_path(user) %> | 
--- a/config/locales/en.yml
+++ b/config/locales/en.yml
@ -97,7 +97,9 @@ en:
  panel:
    action: Action
    admin: Admin
    cant_delete_self: You can not delete yourself.
    cant_revoke_self_admin: You can not revoke your admin role yourself.
    create_success_user: User was successfully created.
    email: Email
    home: Home
--- a/config/locales/zh_tw.yml
+++ b/config/locales/zh_tw.yml
@ -94,7 +94,9 @@ zh_tw:
  panel:
    action: 行動
    admin: 管理
    cant_delete_self: 您不可以刪除自己。
    cant_revoke_self_admin: 您不可以撤銷自己的管理作用。
    create_success_user: 用戶已成功創建。
    email: Email
    home: 首頁