From: Jozef Zigmund <[email protected]> updated to make 'quota' setting editable and to incorporate mtaylor's edits to allow admins to edit other user profiles.
Signed-off-by: Scott Seago <[email protected]>
---
 src/app/controllers/users_controller.rb | 36 +++++++++++++++++++++++++------
 src/app/models/permissioned_object.rb | 1 +
 src/app/models/user.rb | 1 +
 src/app/views/users/_form.haml | 19 ++++++++++++++++
 src/app/views/users/edit.haml | 24 +++++++++++++++-----
 5 files changed, 68 insertions(+), 13 deletions(-)
diff --git a/src/app/controllers/users_controller.rb b/src/app/controllers/users_controller.rb
index 2e8a501..76fe756 100644
--- a/src/app/controllers/users_controller.rb
+++ b/src/app/controllers/users_controller.rb
@@ -50,16 +50,38 @@ class UsersController < ApplicationController
 end
 def edit
- @user = @current_user
+ @user = params[:id] ? User.find(params[:id]) : @current_user
+ if @user
+ if @user != @current_user
+ if !BasePermissionObject.general_permission_scope.can_modify_users(@current_user)
+ flash[:notice] = "Invalid Permission to perform this operation"
+ redirect_to :dashboard
+ end
+ end
+ end
 end
 def update
- @user = @current_user # makes our views "cleaner" and more consistent
- if @user.update_attributes(params[:user])
- flash[:notice] = "User updated!"
- redirect_to account_url
- else
- render :action => :edit
+ if params[:make_changes] || params[:save]
+ @user = params[:user][:id] ? User.find(params[:user][:id]) : @current_user
+ if @user
+ if @user != @current_user
+ if !BasePermissionObject.general_permission_scope.can_modify_users(@current_user)
+ flash[:notice] = "Invalid Permission to perform this operation"
+ redirect_to :dashboard
+ end
+ end
+ if @user.update_attributes(params[:user])
+ flash[:notice] = "User updated!"
+ redirect_to account_url
+ else
+ render :action => :edit
+ end
+ end
+ elsif params[:reset]
+ redirect_to :action => "edit", :user => @user
+ elsif params[:back]
+ redirect_to users_path
 end
 end
diff --git a/src/app/models/permissioned_object.rb b/src/app/models/permissioned_object.rb
index d5e2afb..24aebe0 100644
--- a/src/app/models/permissioned_object.rb
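Review bot: In `update` (users_controller.rb), the permission-denied branch calls `redirect_to :dashboard` without returning, so execution falls through to `@user.update_attributes(params[:user])` and the other user's record is written before the second redirect or render fails. The denial branch has to stop the action, e.g. `redirect_to :dashboard and return`, and the identical block in `edit` should do the same; because both actions repeat the lookup and check, a single `before_filter` that loads `@user` and halts on denial would keep them from drifting apart. The `elsif params[:reset]` branch redirects with `:user => @user` while `@user` is still unassigned on that path, and `edit` reads `params[:id]`, so Reset appears to land on the current user's own form. A functional test that submits another account's `user[id]` as an unprivileged user and asserts the record is unchanged would pin the fix.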
+++ b/src/app/models/permissioned_object.rb
@@ -81,6 +81,7 @@ module PermissionedObject
 end
 def has_privilege(user, privilege)
+ return false if user.nil?
 permissions.find(:first,
 :include => [:role => :privileges],
 :conditions => ["permissions.user_id=:user and privileges.name=:priv",
diff --git a/src/app/models/user.rb b/src/app/models/user.rb
index 0281a45..dad49c8 100644
--- a/src/app/models/user.rb
+++ b/src/app/models/user.rb
@@ -26,4 +26,5 @@ class User < ActiveRecord::Base
 has_many :owned_instances, :class_name => "Instance", :foreign_key => "owner_id"
 belongs_to :quota
+ accepts_nested_attributes_for :quota
 end
diff --git a/src/app/views/users/_form.haml b/src/app/views/users/_form.haml
index 8311c16..b629d5e 100644
--- a/src/app/views/users/_form.haml
+++ b/src/app/views/users/_form.haml
@@ -7,6 +7,13 @@
 %fieldset
 = form.label :password_confirmation, "Confirm password:"
 = form.password_field :password_confirmation
+-if has_user_modify?
+ %fieldset
+ = form.label :user_status
+ = radio_button_tag "user_status","Active",true
+ = label_tag "user_status", "Active"
+ = radio_button_tag "user_status","Inactive"
+ = label_tag "user_status", "Inactive"
 %fieldset
 = form.label :first_name
 = form.text_field :first_name
@@ -16,3 +23,15 @@
 %fieldset
 = form.label :email
 = form.text_field :email
+-if has_user_modify?
+ %h3 USER TREATMENT
+ = label_tag 'apply_treatment', "Apply User Treatment:"
+ = select_tag 'user_treatment', options_for_select(["Choose Treatment"])
+ = submit_tag 'Apply', :disabled => true
+ %br/
+ %hr
+ - form.fields_for :quota do |quota_form|
+ %fieldset
+ = quota_form.label :maximum_running_instances
+ = quota_form.text_field :maximum_running_instances
+ (instances)
diff --git a/src/app/views/users/edit.haml b/src/app/views/users/edit.haml
index e4a1ac7..fd333b9 100644
--- a/src/app/views/users/edit.haml
+++ b/src/app/views/users/edit.haml
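Review bot: `accepts_nested_attributes_for :quota` in user.rb makes `quota_attributes` assignable through `update_attributes(params[:user])`, and the only thing keeping non-admins away from it is the `has_user_modify?` guard around `fields_for :quota` in the second `_form.haml` hunk. A user editing their own account can add `user[quota_attributes][maximum_running_instances]` to the request, and the `update` action in this patch would pass it to the model unless `attr_accessible` or `attr_protected` is declared in the part of `User` outside this hunk. The check belongs on the server: have `update` drop the key for callers without the permission, e.g. `params[:user].delete(:quota_attributes) unless BasePermissionObject.general_permission_scope.can_modify_users(@current_user)`.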
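Review bot: The `user_status` radio group in the first `_form.haml` hunk is built with `radio_button_tag "user_status","Active",true`, so "Active" is always preselected whatever the account's real state, and nothing in the controller hunk of this patch reads `params[:user_status]`. An admin screen that shows every account as Active and discards a switch to Inactive is misleading for anyone relying on it to disable a user. Until the control is bound to the model, a `-# TODO: user_status is not persisted yet` comment above the fieldset, or leaving the control out, would make that explicit.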
@@ -1,8 +1,20 @@
 .formwindow
+- if has_user_modify?
+ %h2
+ EDITING USER:
+ = @user.first_name + " " + @user.last_name
+ %h3 BASIC USER INFORMATION
+- else
 %h2 Edit an Account
- - form_for @user, :url => account_path, :html => {:id => "login"} do |f|
- = f.error_messages
- = render :partial => "form", :object => f
- = f.submit "Make Changes", :class => "formbutton"
- %br/
- = link_to "Cancel", account_path, :class => "formbuton"
+- form_for @user, :url => { :action => 'update' } do |f|
+ = f.error_messages
+ = hidden_field :user, :id, :value => @user.id
+ = render :partial => "form", :object => f
+ - if has_user_modify?
+ = f.submit "Back", :class => "formbutton", :name => "back"
+ = f.submit "Reset", :class => "formbutton", :name => "reset"
+ = f.submit "Save", :class => "formbutton", :name => "save"
+ - else
+ = f.submit "Make Changes", :class => "formbutton", :name => "make_changes"
+ %br/
+ = link_to "Cancel", account_path, :class => "formbuton"
--
1.7.2.2
_______________________________________________
deltacloud-devel mailing list
[email protected]
https://fedorahosted.org/mailman/listinfo/deltacloud-devel
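Review bot: `hidden_field :user, :id, :value => @user.id` is rendered for every viewer, so the record that `update` loads is chosen by a form value the client can edit, including for users who lack the modify permission. Emitting the field only under `- if has_user_modify?`, and having the controller ignore `params[:user][:id]` for everyone else, keeps the self-edit path pinned to `@current_user`. Separately, `@user.first_name + " " + @user.last_name` raises if `first_name` is nil; `= "#{@user.first_name} #{@user.last_name}"` avoids that.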
