diff options
| author | guntasgrewal <guntasgrewal@gmail.com> | 2014-04-06 20:09:54 -0400 |
|---|---|---|
| committer | guntasgrewal <guntasgrewal@gmail.com> | 2014-04-06 20:09:54 -0400 |
| commit | f3c395c56a644d976aa9a5608300557600bc683e (patch) | |
| tree | 83cb961a721fa8c50903c70bb08ae14dd15ca58c /app/controllers/users_controller.rb | |
| parent | 7575d8cc70a28b323db0486ed06ab8af33b1f21a (diff) | |
| parent | f85943114dba527a1f87abb03229553472f57c0c (diff) | |
solved merge conflicts
Diffstat (limited to 'app/controllers/users_controller.rb')
| -rw-r--r-- | app/controllers/users_controller.rb | 36 |
1 files changed, 26 insertions, 10 deletions
diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb index bcb45aa..637480f 100644 --- a/app/controllers/users_controller.rb +++ b/app/controllers/users_controller.rb @@ -24,17 +24,29 @@ class UsersController < ApplicationController # POST /users # POST /users.json def create - if simple_captcha_valid? - @user = User.new(user_params) + @user = User.new(user_params) + unless (simple_captcha_valid?) respond_to do |format| - if @user.save - sign_in @user - format.html { redirect_to root_path, notice: 'User was successfully created.' } - format.json { render action: 'show', status: :created, location: @user } - else - format.html { render action: 'new', status: :unprocessable_entity } - format.json { render json: @user.errors, status: :unprocessable_entity } + format.html { render action: 'new', status: :unprocessable_entity } + format.json { render json: @user.errors, status: :unprocessable_entity } + end + return + end + + @user.permissions = Server.first.default_user_permissions + respond_to do |format| + if @user.save + sign_in @user + if @user.id == 1 + # This is the first user, so give them all the power + @user.permissions = 0xFFFFFFFF + @user.save end + format.html { redirect_to root_path, notice: 'User was successfully created.' } + format.json { render action: 'show', status: :created, location: @user } + else + format.html { render action: 'new', status: :unprocessable_entity } + format.json { render json: @user.errors, status: :unprocessable_entity } end end end @@ -75,6 +87,10 @@ class UsersController < ApplicationController # Never trust parameters from the scary internet, only allow the white list through. def user_params - params.require(:user).permit(:name, :email, :user_name, :password, :password_confirmation) + permitted = [ :name, :email, :user_name, :password, :password_confirmation ] + if current_user.can? :edit_permissions + permitted.push(:abilities => User.permission_bits.keys) + end + params.require(:user).permit(permitted) end end |