diff options
| author | Robin Houston <robin.houston@gmail.com> | 2012-03-13 00:23:12 +0000 |
|---|---|---|
| committer | Robin Houston <robin.houston@gmail.com> | 2012-03-13 00:33:51 +0000 |
| commit | 7bfd0796c2c3a21715bebae8abdc4f5c77f5094b (patch) | |
| tree | 4b283f9c5fcf9021cc565ec51b7043f8bc232c86 /app/controllers | |
| parent | 37bff4c0154b57b35a3194a9b31a9422496b955b (diff) | |
Admin users clicking confirmation links
Fixes #446. See issue for details.
Diffstat (limited to 'app/controllers')
| -rw-r--r-- | app/controllers/application_controller.rb | 1 | ||||
| -rw-r--r-- | app/controllers/request_controller.rb | 8 |
2 files changed, 8 insertions, 1 deletions
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index b681f455d..434f12a49 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -294,6 +294,7 @@ class ApplicationController < ActionController::Base if params[:post_redirect] and session[:post_redirect_token] post_redirect = PostRedirect.find_by_token(session[:post_redirect_token]) params.update(post_redirect.post_params) + params[:post_redirect_user] = post_redirect.user end end diff --git a/app/controllers/request_controller.rb b/app/controllers/request_controller.rb index b484ec514..7ca081c04 100644 --- a/app/controllers/request_controller.rb +++ b/app/controllers/request_controller.rb @@ -347,7 +347,13 @@ class RequestController < ApplicationController return end - @info_request.user = authenticated_user + if params[:post_redirect_user] + # If an admin has clicked the confirmation link on a users behalf, + # we don’t want to reassign the request to the administrator. + @info_request.user = params[:post_redirect_user] + else + @info_request.user = authenticated_user + end # This automatically saves dependent objects, such as @outgoing_message, in the same transaction @info_request.save! # XXX send_message needs the database id, so we send after saving, which isn't ideal if the request broke here. |