2015-09-12 15:37:05 -05:00
|
|
|
class UsersController < ApplicationController
|
2015-09-18 15:50:52 -05:00
|
|
|
def index
|
2015-10-20 21:49:59 -05:00
|
|
|
redirect_to root_path, error: "NOT AUTHORIZED" unless verify_admin! current_user
|
|
|
|
|
|
|
|
@admins = Person.admins
|
|
|
|
@staff = Person.staff
|
2015-09-18 15:50:52 -05:00
|
|
|
end
|
2015-10-20 21:49:59 -05:00
|
|
|
|
|
|
|
def new
|
|
|
|
redirect_to root_path, error: "NOT AUTHORIZED" unless verify_admin! current_user
|
|
|
|
|
|
|
|
@user = Person.new
|
|
|
|
end
|
|
|
|
|
|
|
|
def register
|
|
|
|
redirect_to root_path, error: "NOT AUTHORIZED" unless verify_admin! current_user
|
|
|
|
|
|
|
|
@user = Person.create(user_params)
|
|
|
|
if @user
|
|
|
|
redirect_to :root, notice: 'Success! We will authorize you soon.'
|
|
|
|
return
|
|
|
|
else
|
|
|
|
render :new
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
def edit
|
|
|
|
redirect_to root_path, error: "NOT AUTHORIZED" unless verify_admin! current_user
|
|
|
|
|
|
|
|
@user = Person.find_by_id(params[:id])
|
|
|
|
end
|
|
|
|
|
|
|
|
def show
|
|
|
|
redirect_to root_path, error: "NOT AUTHORIZED" unless verify_admin! current_user
|
|
|
|
|
|
|
|
@user = Person.find_by_id(params[:id])
|
|
|
|
end
|
|
|
|
|
|
|
|
def update
|
|
|
|
redirect_to root_path, error: "NOT AUTHORIZED" unless verify_admin! current_user
|
|
|
|
|
|
|
|
@user = Person.find(params[:id])
|
|
|
|
if @user.update(user_params)
|
|
|
|
redirect_to user_path(@user), notice: 'Updated!'
|
|
|
|
else
|
|
|
|
render :edit
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
private
|
|
|
|
|
|
|
|
def verify_admin! user
|
|
|
|
user && user.admin?
|
|
|
|
end
|
|
|
|
|
|
|
|
def user_params
|
|
|
|
params.require(:user).permit(
|
|
|
|
:first_name,
|
|
|
|
:last_name,
|
|
|
|
:phone,
|
|
|
|
:email,
|
|
|
|
:admin,
|
2015-10-23 19:57:32 -05:00
|
|
|
:staff,
|
|
|
|
:active
|
2015-10-20 21:49:59 -05:00
|
|
|
)
|
|
|
|
end
|
2015-09-12 15:37:05 -05:00
|
|
|
end
|