diff options
author | guntasgrewal <guntasgrewal@gmail.com> | 2014-03-25 17:30:10 -0400 |
---|---|---|
committer | guntasgrewal <guntasgrewal@gmail.com> | 2014-03-25 17:30:10 -0400 |
commit | 0c22c4bd9a0b4a0b0ff5840c1af41c0b320e3529 (patch) | |
tree | 2fc2082814e513ec5d68b22e7fa07d268df6d788 /app/controllers/users_controller.rb | |
parent | 8435c0a5ec9889a9da6ede2e24c044d64b279095 (diff) |
added match status
Diffstat (limited to 'app/controllers/users_controller.rb')
-rw-r--r-- | app/controllers/users_controller.rb | 30 |
1 files changed, 4 insertions, 26 deletions
diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb index 70facca..b18efed 100644 --- a/app/controllers/users_controller.rb +++ b/app/controllers/users_controller.rb @@ -1,7 +1,5 @@ class UsersController < ApplicationController before_action :set_user, only: [:show, :edit, :update, :destroy] - before_action :perms_edit, only: [:edit, :update, :destroy] - before_action :perms_create, only: [:new, :create] # GET /users # GET /users.json @@ -12,7 +10,6 @@ class UsersController < ApplicationController # GET /users/1 # GET /users/1.json def show - @user = User.find(params[:id]) end # GET /users/new @@ -28,14 +25,13 @@ class UsersController < ApplicationController # POST /users.json def create @user = User.new(user_params) - @user.groups = 0 + respond_to do |format| if @user.save - sign_in @user - format.html { redirect_to root_path, notice: 'User was successfully created.' } + format.html { redirect_to @user, notice: 'User was successfully created.' } format.json { render action: 'show', status: :created, location: @user } else - format.html { render action: 'new', status: :unprocessable_entity } + format.html { render action: 'new' } format.json { render json: @user.errors, status: :unprocessable_entity } end end @@ -71,26 +67,8 @@ class UsersController < ApplicationController @user = User.find(params[:id]) end - def perms_edit - unless (current_user == @user) or (signed_in? and current_user.in_group? :admin) - respond_to do |format| - format.html { render action: 'permission_denied', status: :forbidden } - format.json { render json: "Permission denied", status: :forbidden } - end - end - end - - def perms_create - if signed_in? - respond_to do |format| - format.html { render action: 'already_signed_in', status: :unprocessable_entity } - format.json { render json: "Already signed in", status: :unprocessable_entity } - end - end - end - # Never trust parameters from the scary internet, only allow the white list through. def user_params - params.require(:user).permit(:name, :email, :user_name, :password, :password_confirmation) + params.require(:user).permit(:name, :email, :user_name) end end |