diff options
author | Robin Houston <robin.houston@gmail.com> | 2012-03-13 00:23:12 +0000 |
---|---|---|
committer | Robin Houston <robin.houston@gmail.com> | 2012-03-13 00:23:12 +0000 |
commit | c6623db61b06cd496b9358171111a0ab86a03d5a (patch) | |
tree | a8b7c77d00442524bfa2c527704393d0022cb1d5 /app/controllers | |
parent | f96a338d00106d7b6ad56e6368ebc9d61bbd02bd (diff) |
Admin users clicking confirmation links
Fixes #446. See issue for details.
Diffstat (limited to 'app/controllers')
-rw-r--r-- | app/controllers/application_controller.rb | 1 | ||||
-rw-r--r-- | app/controllers/request_controller.rb | 8 |
2 files changed, 8 insertions, 1 deletions
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index b681f455d..434f12a49 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -294,6 +294,7 @@ class ApplicationController < ActionController::Base if params[:post_redirect] and session[:post_redirect_token] post_redirect = PostRedirect.find_by_token(session[:post_redirect_token]) params.update(post_redirect.post_params) + params[:post_redirect_user] = post_redirect.user end end diff --git a/app/controllers/request_controller.rb b/app/controllers/request_controller.rb index 313a57d7d..96c501755 100644 --- a/app/controllers/request_controller.rb +++ b/app/controllers/request_controller.rb @@ -344,7 +344,13 @@ class RequestController < ApplicationController return end - @info_request.user = authenticated_user + if params[:post_redirect_user] + # If an admin has clicked the confirmation link on a users behalf, + # we don’t want to reassign the request to the administrator. + @info_request.user = params[:post_redirect_user] + else + @info_request.user = authenticated_user + end # This automatically saves dependent objects, such as @outgoing_message, in the same transaction @info_request.save! # XXX send_message needs the database id, so we send after saving, which isn't ideal if the request broke here. |