-rw-r--r--perllib/FixMyStreet/App/Controller/Admin/Users.pm23
-rw-r--r--templates/web/base/admin/bodies/open311-form-fields.html2
-rw-r--r--templates/web/base/admin/users/form.html5
-rw-r--r--templates/web/base/admin/users/import.html4
-rw-r--r--templates/web/base/admin/users/index.html2
5 files changed, 22 insertions, 14 deletions
diff --git a/perllib/FixMyStreet/App/Controller/Admin/Users.pm b/perllib/FixMyStreet/App/Controller/Admin/Users.pm
index 0d7c23fff..2137f1135 100644
--- a/perllib/FixMyStreet/App/Controller/Admin/Users.pm
+++ b/perllib/FixMyStreet/App/Controller/Admin/Users.pm
@@ -189,19 +189,24 @@ sub fetch_body_roles : Private {
$c->stash->{roles} = [ $roles->all ];
}
-sub edit : Path : Args(1) {
+sub user : Chained('/') PathPart('admin/users') : CaptureArgs(1) {
my ( $self, $c, $id ) = @_;
- $c->forward('/auth/get_csrf_token');
-
my $user = $c->cobrand->users->find( { id => $id } );
$c->detach( '/page_error_404_not_found', [] ) unless $user;
+ $c->stash->{user} = $user;
unless ( $c->user->has_body_permission_to('user_edit') || $c->cobrand->moniker eq 'zurich' ) {
$c->detach('/page_error_403_access_denied', []);
}
+}
- $c->stash->{user} = $user;
+sub edit : Chained('user') : PathPart('') : Args(0) {
+ my ( $self, $c ) = @_;
+
+ $c->forward('/auth/get_csrf_token');
+
+ my $user = $c->stash->{user};
$c->forward( '/admin/check_username_for_abuse', [ $user ] );
if ( $user->from_body && $c->user->has_permission_to('user_manage_permissions', $user->from_body->id) ) {
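Review bot: In `user`, the `find` and the 404 detach run before the `user_edit` permission check, so a caller who lacks that permission gets a 404 for an unknown id and a 403 for a known one, which tells them which user ids exist. The check reads only `$c->user` and the cobrand, not `$user`, so the whole `unless ( $c->user->has_body_permission_to('user_edit') || ... )` block can move above `my $user = $c->cobrand->users->find( { id => $id } );`, with `$c->stash->{user} = $user;` staying after the 404 detach. Whether an outer admin check already narrows who reaches this action is not visible here. Since every action chained from `user` now inherits this gate, including the `zurich` exemption, a short comment above the sub stating that it is the authorisation point for the chain and why that cobrand is exempt would help. `edit` continues past the end of this hunk.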
@@ -232,7 +237,7 @@ sub edit : Path : Args(1) {
} elsif ( $c->get_param('submit') and $c->get_param('send_login_email') ) {
my $email = lc $c->get_param('email');
my %args = ( email => $email );
- $args{user_id} = $id if $user->email ne $email || !$user->email_verified;
+ $args{user_id} = $user->id if $user->email ne $email || !$user->email_verified;
$c->forward('send_login_email', [ \%args ]);
} elsif ( $c->get_param('update_alerts') ) {
$c->forward('update_alerts');
@@ -292,8 +297,8 @@ sub edit : Path : Args(1) {
if ($existing_user_cobrand) {
$existing_user->adopt($user);
- $c->forward( '/admin/log_edit', [ $id, 'user', 'merge' ] );
- return $c->res->redirect( $c->uri_for_action( 'admin/users/edit', $existing_user->id ) );
+ $c->forward( '/admin/log_edit', [ $user->id, 'user', 'merge' ] );
+ return $c->res->redirect( $c->uri_for_action( 'admin/users/edit', [ $existing_user->id ] ) );
}
$user->email($email) if !$existing_email;
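Review bot: The merge audit entry records only `$user->id`, the account that was adopted, while the redirect goes to `$existing_user->id`, so the surviving account never appears in the `log_edit` call. For an account merge it is useful to have both ids in the trail. Consider adding a second entry, `$c->forward( '/admin/log_edit', [ $existing_user->id, 'user', 'merge' ] );`, assuming `log_edit` takes (id, type, action) as the calls in this file suggest. The enclosing `edit` starts and ends outside this hunk.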
@@ -383,7 +388,7 @@ sub edit : Path : Args(1) {
$user->update;
if ($edited) {
- $c->forward( '/admin/log_edit', [ $id, 'user', 'edit' ] );
+ $c->forward( '/admin/log_edit', [ $user->id, 'user', 'edit' ] );
}
$c->flash->{status_message} = _("Updated!");
@@ -420,7 +425,7 @@ sub post_edit_redirect : Private {
# User may not be visible on this cobrand, e.g. if their from_body
# wasn't set.
if ( $c->cobrand->users->find( { id => $user->id } ) ) {
- return $c->res->redirect( $c->uri_for_action( 'admin/users/edit', $user->id ) );
+ return $c->res->redirect( $c->uri_for_action( 'admin/users/edit', [ $user->id ] ) );
} else {
return $c->res->redirect( $c->uri_for_action( 'admin/users/index' ) );
}
diff --git a/templates/web/base/admin/bodies/open311-form-fields.html b/templates/web/base/admin/bodies/open311-form-fields.html
index be2f13af0..dbb0f84e2 100644
--- a/templates/web/base/admin/bodies/open311-form-fields.html
+++ b/templates/web/base/admin/bodies/open311-form-fields.html
@@ -90,7 +90,7 @@
<label for"comment_user_id">[% loc('User ID to attribute fetched comments to') %]</label>
<input type="text" class="form-control" name="comment_user_id" value="[% object.comment_user_id %]">
[% IF object.comment_user_id %]
- <a href="[% c.uri_for_action('admin/users/edit', object.comment_user_id) %]">[% loc('edit user') %]</a>
+ <a href="[% c.uri_for_action('admin/users/edit', [ object.comment_user_id ]) %]">[% loc('edit user') %]</a>
[% END %]
</p>
diff --git a/templates/web/base/admin/users/form.html b/templates/web/base/admin/users/form.html
index f141dc02c..495da8648 100644
--- a/templates/web/base/admin/users/form.html
+++ b/templates/web/base/admin/users/form.html
@@ -1,4 +1,7 @@
-<form method="post" id="user_edit" action="[% c.uri_for_action( 'admin/users/edit', user.id || 'add' ) %]" enctype="application/x-www-form-urlencoded" accept-charset="utf-8">
+<form method="post" id="user_edit" action="[%
+ SET action_end = user.id || 'add';
+ c.uri_for_action( 'admin/users/edit', [ action_end ] )
+ %]" enctype="application/x-www-form-urlencoded" accept-charset="utf-8">
<input type="hidden" name="token" value="[% csrf_token %]" >
<input type="hidden" name="submit" value="1" >
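Review bot: The `'add'` fallback in `action_end` is now passed as a chain capture, so the new-user form URL is built by treating `add` as a user id. The `user` action in Users.pm hands its capture straight to `find( { id => $id } )` without checking that it is numeric. If a request for that URL is ever dispatched to the chain rather than to a dedicated add action (none is visible here), the lookup receives a non-numeric id. A guard at the top of `user`, `$c->detach( '/page_error_404_not_found', [] ) unless $id =~ /\A[0-9]+\z/;`, would make the chain safe whatever the dispatch order.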
diff --git a/templates/web/base/admin/users/import.html b/templates/web/base/admin/users/import.html
index 6e11c74a9..38e4fe240 100644
--- a/templates/web/base/admin/users/import.html
+++ b/templates/web/base/admin/users/import.html
@@ -27,7 +27,7 @@
[% FOREACH user IN new_users %]
<tr>
<td>
- <a href="[% c.uri_for_action( 'admin/users/edit', user.id ) %]">
+ <a href="[% c.uri_for_action( 'admin/users/edit', [ user.id ] ) %]">
[% user.name %]
</a>
</td>
@@ -50,7 +50,7 @@
[% FOREACH user IN existing_users %]
<tr>
<td>
- <a href="[% c.uri_for_action( 'admin/users/edit', user.id ) %]">
+ <a href="[% c.uri_for_action( 'admin/users/edit', [ user.id ] ) %]">
[% user.name %]
</a>
</td>
diff --git a/templates/web/base/admin/users/index.html b/templates/web/base/admin/users/index.html
index 520cd1e3c..3b5c5bcc4 100644
--- a/templates/web/base/admin/users/index.html
+++ b/templates/web/base/admin/users/index.html
@@ -64,7 +64,7 @@
[% IF c.cobrand.moniker != 'zurich' %]
<td>[% user.flagged == 2 ? loc('User in abuse table') : user.flagged ? loc('Yes') : '&nbsp;' %]</td>
[% END %]
- <td>[% IF user.id %]<a href="[% c.uri_for_action( 'admin/users/edit', user.id ) %]">[% loc('Edit') %]</a>[% END %]</td>
+ <td>[% IF user.id %]<a href="[% c.uri_for_action( 'admin/users/edit', [ user.id ] ) %]">[% loc('Edit') %]</a>[% END %]</td>
</tr>
[%- END -%]
</table>