51 lines
1.1 KiB
Ruby
51 lines
1.1 KiB
Ruby
class UsersController < ApplicationController
|
|
before_action :set_user, except: %i[ index ]
|
|
before_action :ensure_permission_to_change_user, only: %i[ update destroy ]
|
|
|
|
def index
|
|
set_page_and_extract_portion_from Current.account.users.active.alphabetically
|
|
end
|
|
|
|
def show
|
|
end
|
|
|
|
def edit
|
|
end
|
|
|
|
def update
|
|
if @user.update(user_params)
|
|
respond_to do |format|
|
|
format.html { redirect_to @user }
|
|
format.json { head :no_content }
|
|
end
|
|
else
|
|
respond_to do |format|
|
|
format.html { render :edit, status: :unprocessable_entity }
|
|
format.json { render json: @user.errors, status: :unprocessable_entity }
|
|
end
|
|
end
|
|
end
|
|
|
|
def destroy
|
|
@user.deactivate
|
|
|
|
respond_to do |format|
|
|
format.html { redirect_to users_path }
|
|
format.json { head :no_content }
|
|
end
|
|
end
|
|
|
|
private
|
|
def set_user
|
|
@user = Current.account.users.active.find(params[:id])
|
|
end
|
|
|
|
def ensure_permission_to_change_user
|
|
head :forbidden unless Current.user.can_change?(@user)
|
|
end
|
|
|
|
def user_params
|
|
params.expect(user: [ :name, :avatar ])
|
|
end
|
|
end
|