rails_apps_pages 0.5.0 → 0.5.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 91f0a789ab7a631bd1c960d6e31c4a3e930cacc1
|
4
|
+
data.tar.gz: fb311d6dd546c5db30530a373ae690a0fca919f8
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 49aad27b6c788032096b48110223eb49da2ebe8e621b9f42f85259ffd68ae188f2853acbf70e58fe06b3b2b3493af77e25d52e61c9c0f78f9d1b5daac9009d43
|
7
|
+
data.tar.gz: 6ade9f5fd9558ed5f8ae98174ff73c91b11ab869ab7750cb40f22e62bea9a181b41b1370057ee5e42766bbdf04bb1a4e2224f060e0279e59dfd2aedaff70e22b
|
data/CHANGELOG.textile
CHANGED
@@ -1,21 +1,26 @@
|
|
1
1
|
class UserPolicy
|
2
|
-
attr_reader :
|
2
|
+
attr_reader :current_user, :model
|
3
3
|
|
4
|
-
def initialize(
|
5
|
-
@
|
6
|
-
@
|
4
|
+
def initialize(current_user, model)
|
5
|
+
@current_user = current_user
|
6
|
+
@user = model
|
7
7
|
end
|
8
8
|
|
9
9
|
def index?
|
10
|
-
@
|
10
|
+
@current_user.admin?
|
11
|
+
end
|
12
|
+
|
13
|
+
def show?
|
14
|
+
@current_user.admin? or @current_user == @user
|
11
15
|
end
|
12
16
|
|
13
17
|
def update?
|
14
|
-
@
|
18
|
+
@current_user.admin?
|
15
19
|
end
|
16
20
|
|
17
21
|
def destroy?
|
18
|
-
@user
|
22
|
+
raise "Cannot delete yourself." if @current_user == @user
|
23
|
+
@current_user.admin?
|
19
24
|
end
|
20
25
|
|
21
26
|
end
|
@@ -1,19 +1,15 @@
|
|
1
1
|
class UsersController < ApplicationController
|
2
2
|
before_filter :authenticate_user!
|
3
|
-
after_action :verify_authorized
|
3
|
+
after_action :verify_authorized
|
4
4
|
|
5
5
|
def index
|
6
6
|
@users = User.all
|
7
|
-
authorize
|
7
|
+
authorize User
|
8
8
|
end
|
9
9
|
|
10
10
|
def show
|
11
11
|
@user = User.find(params[:id])
|
12
|
-
|
13
|
-
unless @user == current_user
|
14
|
-
redirect_to :back, :alert => "Access denied."
|
15
|
-
end
|
16
|
-
end
|
12
|
+
authorize @user
|
17
13
|
end
|
18
14
|
|
19
15
|
def update
|
@@ -29,12 +25,8 @@ class UsersController < ApplicationController
|
|
29
25
|
def destroy
|
30
26
|
user = User.find(params[:id])
|
31
27
|
authorize user
|
32
|
-
|
33
|
-
|
34
|
-
redirect_to users_path, :notice => "User deleted."
|
35
|
-
else
|
36
|
-
redirect_to users_path, :notice => "Can't delete yourself."
|
37
|
-
end
|
28
|
+
user.destroy
|
29
|
+
redirect_to users_path, :notice => "User deleted."
|
38
30
|
end
|
39
31
|
|
40
32
|
private
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: rails_apps_pages
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.5.
|
4
|
+
version: 0.5.1
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Daniel Kehoe
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2014-06-
|
11
|
+
date: 2014-06-13 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: bundler
|