Diffstat (limited to 'app')
-rw-r--r--app/controllers/admin_user_controller.rb23
-rw-r--r--app/controllers/request_controller.rb6
-rw-r--r--app/models/user.rb14
-rw-r--r--app/views/admin_user/_form.rhtml13
-rw-r--r--app/views/admin_user/edit.rhtml23
-rw-r--r--app/views/admin_user/list.rhtml4
-rw-r--r--app/views/admin_user/show.rhtml3
-rw-r--r--app/views/body/show.rhtml3
-rw-r--r--app/views/request/show.rhtml3
-rw-r--r--app/views/user/show.rhtml7
10 files changed, 89 insertions, 10 deletions
diff --git a/app/controllers/admin_user_controller.rb b/app/controllers/admin_user_controller.rb
index 50be7e65d..f9fe839df 100644
--- a/app/controllers/admin_user_controller.rb
+++ b/app/controllers/admin_user_controller.rb
@@ -4,7 +4,7 @@
# Copyright (c) 2008 UK Citizens Online Democracy. All rights reserved.
# Email: francis@mysociety.org; WWW: http://www.mysociety.org/
#
-# $Id: admin_user_controller.rb,v 1.5 2008-07-28 18:04:38 francis Exp $
+# $Id: admin_user_controller.rb,v 1.6 2008-08-27 00:39:03 francis Exp $
class AdminUserController < ApplicationController
layout "admin"
@@ -27,6 +27,27 @@ class AdminUserController < ApplicationController
@admin_user = User.find(params[:id])
end
+ def edit
+ @admin_user = User.find(params[:id])
+ end
+
+ def update
+ @admin_user = User.find(params[:id])
+
+ @admin_user.name = params[:admin_user][:name]
+ @admin_user.email = params[:admin_user][:email]
+ @admin_user.admin_level = params[:admin_user][:admin_level]
+
+ if @admin_user.valid?
+ @admin_user.save!
+ flash[:notice] = 'User successfully updated.'
+ redirect_to user_admin_url(@admin_user)
+ else
+ render :action => 'edit'
+ end
+ end
+
+
private
end
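Review bot: `update` writes `admin_level` and `email` straight from `params[:admin_user]`, and nothing in this hunk limits the action to POST, so whether a crafted link or cross-site form can change a user's privilege depends on filters that are outside the hunk. I would pin the verb next to the action with `verify :method => :post, :only => [:update], :redirect_to => { :action => 'list' }` and confirm that the admin authentication and request-forgery protection cover this controller. A request without an `admin_user` hash raises NoMethodError at `params[:admin_user][:name]`; reading from `params[:admin_user] || {}` turns that into an ordinary validation failure. A log line recording which admin changed `admin_level`, for which user and to what value, would make privilege grants auditable. The class starts outside the hunk.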
diff --git a/app/controllers/request_controller.rb b/app/controllers/request_controller.rb
index 4cb3e497d..41c48dee3 100644
--- a/app/controllers/request_controller.rb
+++ b/app/controllers/request_controller.rb
@@ -4,7 +4,7 @@
# Copyright (c) 2007 UK Citizens Online Democracy. All rights reserved.
# Email: francis@mysociety.org; WWW: http://www.mysociety.org/
#
-# $Id: request_controller.rb,v 1.95 2008-08-07 00:24:51 francis Exp $
+# $Id: request_controller.rb,v 1.96 2008-08-27 00:39:03 francis Exp $
class RequestController < ApplicationController
@@ -23,7 +23,7 @@ class RequestController < ApplicationController
@info_request_events = @info_request.info_request_events
@status = @info_request.calculate_status
@collapse_quotes = params[:unfold] ? false : true
- @is_owning_user = !authenticated_user.nil? && authenticated_user.id == @info_request.user_id
+ @is_owning_user = !authenticated_user.nil? && (authenticated_user.id == @info_request.user_id || authenticated_user.owns_every_request?)
@events_needing_description = @info_request.events_needing_description
last_event = @events_needing_description[-1]
@last_info_request_event_id = last_event.nil? ? nil : last_event.id
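Review bot: Folding `owns_every_request?` into `@is_owning_user` means every branch and template that reads this flag now treats a super admin as the requester, and the same expression is pasted a second time in the hunk at line 273. If any of those paths record or display the action as the owner's, an admin's intervention becomes indistinguishable from the requester's, so a separate flag or an event-log entry would keep that visible. Moving the rule into one place, e.g. `@is_owning_user = @info_request.is_owning_user?(authenticated_user)` backed by a new model method, stops a third copy from drifting. Both enclosing actions start and end outside their hunks.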
@@ -273,7 +273,7 @@ class RequestController < ApplicationController
end
@info_request = InfoRequest.find(params[:id].to_i)
@collapse_quotes = params[:unfold] ? false : true
- @is_owning_user = !authenticated_user.nil? && authenticated_user.id == @info_request.user_id
+ @is_owning_user = !authenticated_user.nil? && (authenticated_user.id == @info_request.user_id || authenticated_user.owns_every_request?)
params_outgoing_message = params[:outgoing_message]
if params_outgoing_message.nil?
diff --git a/app/models/user.rb b/app/models/user.rb
index 9c160dbd5..9c68ff0aa 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -21,7 +21,7 @@
# Copyright (c) 2007 UK Citizens Online Democracy. All rights reserved.
# Email: francis@mysociety.org; WWW: http://www.mysociety.org/
#
-# $Id: user.rb,v 1.61 2008-08-09 15:19:01 francis Exp $
+# $Id: user.rb,v 1.62 2008-08-27 00:39:03 francis Exp $
require 'digest/sha1'
@@ -41,6 +41,11 @@ class User < ActiveRecord::Base
attr_accessor :password_confirmation
validates_confirmation_of :password, :message =>"^Please enter the same password twice"
+ validates_inclusion_of :admin_level, :in => [
+ 'none',
+ 'super',
+ ]
+
acts_as_xapian :texts => [ :name ],
:values => [ [ :created_at, 0, "created_at", :date ] ],
:terms => [ [ :variety, 'V', "variety" ] ]
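Review bot: `admin_level` is now a privilege field on `User`, but this hunk does not show it being excluded from mass assignment, so any `User.new(params[...])` or `update_attributes(params[...])` elsewhere in the application would accept a submitted `admin_level=super`. Unless the model already carries an `attr_accessible` whitelist outside the hunk, add `attr_protected :admin_level` beside the validation. The inclusion check also rejects `nil`, so existing rows need a default of `'none'` from a migration that is not part of this diff (it is limited to `app`); otherwise later saves of older accounts fail validation.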
@@ -148,9 +153,14 @@ class User < ActiveRecord::Base
u.save!
end
- return u
+ return
end
+ # Does the user magically gain powers as if they owned every request?
+ # e.g. Can classify it
+ def owns_every_request?
+ self.admin_level == 'super'
+ end
private
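Review bot: The bare `return` that replaces `return u` makes the enclosing method yield `nil` instead of the user it has just found or saved, and the change looks unrelated to the rest of the commit. The method starts outside the hunk, so its callers are not visible here, but any of them that uses the result would now fail on `nil`; restore `return u` unless the change is intended. For `owns_every_request?`, the comment could state the contract directly, e.g. `# True for 'super' admins, who are treated as the owner of every request (may classify it, see admin links).`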
diff --git a/app/views/admin_user/_form.rhtml b/app/views/admin_user/_form.rhtml
new file mode 100644
index 000000000..f56a23ea3
--- /dev/null
+++ b/app/views/admin_user/_form.rhtml
@@ -0,0 +1,13 @@
+<%= error_messages_for 'admin_user' %>
+
+<!--[form:admin_user]-->
+
+<p><label for="admin_user_name">Name</label> (will change URL name and break URLs; unlike authorities, there is no history)<br/>
+<%= text_field 'admin_user', 'name', :size => 60 %></p>
+
+<p><label for="admin_user_email">Email</label> (<strong>you must</strong> first validate this)<br/>
+<%= text_field 'admin_user', 'email', :size => 60 %></p>
+
+<p><label for="admin_level">Admin level</label> (<strong>none</strong> or <strong>super</strong>; this is for admin features and links which are in the site proper)<br/>
+<%= text_field 'admin_user', 'admin_level', :size => 60 %></p>
+
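Review bot: The admin-level label uses `for="admin_level"`, but `text_field 'admin_user', 'admin_level'` renders the id `admin_user_admin_level`, so the label is not bound to its field; it should read `<label for="admin_user_admin_level">`. Because the model accepts only two values, `<%= select 'admin_user', 'admin_level', ['none', 'super'] %>` would prevent typos in a privilege field rather than relying on the validation error. The email hint depends on the admin having verified the address by hand; nothing in this commit enforces it, so a changed address is trusted as soon as it is saved.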
diff --git a/app/views/admin_user/edit.rhtml b/app/views/admin_user/edit.rhtml
new file mode 100644
index 000000000..c9803fbde
--- /dev/null
+++ b/app/views/admin_user/edit.rhtml
@@ -0,0 +1,23 @@
+
+
+<h1><%=@title%></h1>
+
+<% form_tag '../update/' + @admin_user.id.to_s do %>
+ <%= render :partial => 'form' %>
+ <p><%= submit_tag 'Save' %></p>
+<% end %>
+
+<p>
+<%= link_to 'Show', '../show/' + @admin_user.id.to_s %> |
+<%= link_to 'List all', '../list' %>
+</p>
+
+<% if false #@admin_user.info_requests.size == 0 %>
+ <% form_tag('../destroy/' + @admin_user.id.to_s) do %>
+ <p>
+ <%= hidden_field_tag(:admin_user_id, { :value => @admin_user.id } ) %>
+ <%= submit_tag "Destroy " + @admin_user.name %> (this is permanent!)
+ </p>
+ <% end %>
+<% end %>
+
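Review bot: `<h1><%=@title%></h1>` prints `@title` without escaping, and the `edit` action added in this commit assigns only `@admin_user`, so the heading is empty unless something outside this diff sets it. If the title is later built from the user's name it needs `h`, as `list.rhtml` already does for names: `<h1><%=h @title %></h1>`. The `if false` block leaves an unreachable destroy form in the template; dropping it until the action exists avoids shipping a half-wired destructive control that a later edit could enable by accident.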
diff --git a/app/views/admin_user/list.rhtml b/app/views/admin_user/list.rhtml
index 2950041e5..3ba26a626 100644
--- a/app/views/admin_user/list.rhtml
+++ b/app/views/admin_user/list.rhtml
@@ -12,7 +12,7 @@
<table>
<tr>
<th>Id</th>
- <% for column in ['Name', 'Email', 'Created at', 'Updated at', 'Email confirmed'] %>
+ <% for column in ['Name', 'Email', 'Created at', 'Updated at', 'Email confirmed', 'Admin'] %>
<th><%= column %></th>
<% end %>
</tr>
@@ -22,7 +22,7 @@
<td><%= user.id.to_s %></td>
<td><%= link_to h(user.name), 'show/' + user.id.to_s %></td>
<td><a href="mailto:<%=h user.email %>"><%=h user.email%></a></td>
- <% for column in ['created_at', 'updated_at', 'email_confirmed'] %>
+ <% for column in ['created_at', 'updated_at', 'email_confirmed', 'admin_level'] %>
<td><%=h user.send(column) %></td>
<% end %>
</tr>
diff --git a/app/views/admin_user/show.rhtml b/app/views/admin_user/show.rhtml
index 68d72feea..aea8c8e3b 100644
--- a/app/views/admin_user/show.rhtml
+++ b/app/views/admin_user/show.rhtml
@@ -15,7 +15,8 @@
<% end %>
</p>
-<p><%= link_to 'Public page', main_url(user_url(@admin_user)) %></p>
+<p><%= link_to 'Edit', '../edit/' + @admin_user.id.to_s %>
+| <%= link_to 'Public page', main_url(user_url(@admin_user)) %></p>
<h2>Track things</h2>
diff --git a/app/views/body/show.rhtml b/app/views/body/show.rhtml
index ec09dfb70..07cf3ce8e 100644
--- a/app/views/body/show.rhtml
+++ b/app/views/body/show.rhtml
@@ -10,6 +10,9 @@
<p class="subtitle">
<%=@public_body.type_of_authority(true)%> in the UK<% if not @public_body.short_name.empty? %>, also called <%= h(@public_body.short_name) %><% end %>
(<%= link_to "home page", @public_body.calculated_home_page %>)
+<% if !@user.nil? && @user.owns_every_request? %>
+(<%= link_to "admin", public_body_admin_url(@public_body) %>)
+<% end %>
</p>
<% if @public_body.notes != "" %>
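Review bot: The guard `!@user.nil? && @user.owns_every_request?` is repeated verbatim here and in the `request/show.rhtml` and `user/show.rhtml` hunks; a view helper (for example a new `show_admin_links?`) would keep the three in step. These templates read `@user` while the controller change in this commit uses `authenticated_user`, so it is worth confirming that `@user` is set for every action that renders them. The condition only hides the entry point: the admin URLs it links to must enforce their own authentication, which is not visible in this diff.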
diff --git a/app/views/request/show.rhtml b/app/views/request/show.rhtml
index 0182574d8..0d6d72f22 100644
--- a/app/views/request/show.rhtml
+++ b/app/views/request/show.rhtml
@@ -45,6 +45,9 @@
<%= public_body_link(@info_request.public_body) %>
by
<%= user_link(@info_request.user) %>
+ <% if !@user.nil? && @user.owns_every_request? %>
+ (<%= link_to "admin", request_admin_url(@info_request) %>)
+ <% end %>
</p>
<p id="request_status">
diff --git a/app/views/user/show.rhtml b/app/views/user/show.rhtml
index 8eef38adc..01f20ed71 100644
--- a/app/views/user/show.rhtml
+++ b/app/views/user/show.rhtml
@@ -14,7 +14,12 @@
<div class="single_user">
<h1><%=@title%></h1>
- <p class="subtitle">Joined WhatDoTheyKnow on <%= simple_date(@display_user.created_at) %></p>
+ <p class="subtitle">
+ Joined WhatDoTheyKnow on <%= simple_date(@display_user.created_at) %>
+ <% if !@user.nil? && @user.owns_every_request? %>
+ (<%= link_to "admin", user_admin_url(@display_user) %>)
+ <% end %>
+ </p>
<p>
<%= link_to "Send message to " + h(@display_user.name), contact_user_url(:id => @display_user.id) %>