From 17f7352a42554fb13baf43e63f116ca828553047 Mon Sep 17 00:00:00 2001 From: Louise Crow Date: Fri, 7 Nov 2014 15:37:14 +0000 Subject: Use RESTful routes for CRUD admin user actions --- app/controllers/admin_user_controller.rb | 32 ++++++++++++++------------------ 1 file changed, 14 insertions(+), 18 deletions(-) (limited to 'app/controllers/admin_user_controller.rb') diff --git a/app/controllers/admin_user_controller.rb b/app/controllers/admin_user_controller.rb index a6438e151..3379b9629 100644 --- a/app/controllers/admin_user_controller.rb +++ b/app/controllers/admin_user_controller.rb @@ -5,12 +5,8 @@ # Email: hello@mysociety.org; WWW: http://www.mysociety.org/ class AdminUserController < AdminController - def index - list - render :action => 'list' - end - def list + def index @query = params[:query] if @query users = User.where(["lower(name) like lower('%'||?||'%') or @@ -21,20 +17,11 @@ class AdminUserController < AdminController @admin_users = users.paginate :order => "name", :page => params[:page], :per_page => 100 end - def list_banned - @banned_users = User.paginate :order => "name", :page => params[:page], :per_page => 100, - :conditions => ["ban_text <> ''"] - end - def show # Don't use @user as that is any logged in user @admin_user = User.find(params[:id]) end - def show_bounce_message - @admin_user = User.find(params[:id]) - end - def edit @admin_user = User.find(params[:id]) end 
@@ -53,17 +40,26 @@ class AdminUserController < AdminController if @admin_user.valid? @admin_user.save! flash[:notice] = 'User successfully updated.' - redirect_to admin_user_show_url(@admin_user) + redirect_to admin_user_url(@admin_user) else render :action => 'edit' end end + def list_banned + @banned_users = User.paginate :order => "name", :page => params[:page], :per_page => 100, + :conditions => ["ban_text <> ''"] + end + + def show_bounce_message + @admin_user = User.find(params[:id]) + end + def destroy_track track_thing = TrackThing.find(params[:track_id].to_i) track_thing.destroy flash[:notice] = 'Track destroyed' - redirect_to admin_user_show_url(track_thing.tracking_user) + redirect_to admin_user_url(track_thing.tracking_user) end def clear_bounce @@ -71,7 +67,7 @@ class AdminUserController < AdminController user.email_bounced_at = nil user.email_bounce_message = "" user.save! - redirect_to admin_user_show_url(user) + redirect_to admin_user_url(user) end def login_as @@ -96,7 +92,7 @@ class AdminUserController < AdminController end flash[:notice] = "Profile photo cleared" - redirect_to admin_user_show_url(@admin_user) + redirect_to admin_user_url(@admin_user) end def modify_comment_visibility -- cgit v1.2.3 From 958895684ea51aee06bcc0abc795eb76017af7f0 Mon Sep 17 00:00:00 2001 From: Louise Crow Date: Fri, 7 Nov 2014 15:50:17 +0000 Subject: Use RESTful route for banned user list --- app/controllers/admin_user_controller.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'app/controllers/admin_user_controller.rb') diff --git a/app/controllers/admin_user_controller.rb b/app/controllers/admin_user_controller.rb index 3379b9629..6031c816b 100644 --- a/app/controllers/admin_user_controller.rb +++ b/app/controllers/admin_user_controller.rb 
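Review bot: `destroy_track` in the `@@ -53,17 +40,26 @@` hunk, and `clear_bounce` in the `@@ -71,7 +67,7 @@` hunk after it, delete or modify records without any HTTP-verb check of their own, whereas `clear_profile_photo` in this controller raises unless `request.post?`. Since this commit moves the admin user actions onto RESTful routes, confirm that both actions are routed only for a non-GET verb, so that a followed or prefetched link cannot trigger them and the framework's CSRF token check (if the application enables it) applies. The routes file is outside this path-limited view, so this cannot be verified from the page. A comment above each action such as `# State-changing: must only be routed for POST/DELETE` would keep that dependency visible. `clear_bounce` begins inside its hunk, but its body is only partly shown.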
@@ -46,7 +46,7 @@ class AdminUserController < AdminController end end - def list_banned + def banned @banned_users = User.paginate :order => "name", :page => params[:page], :per_page => 100, :conditions => ["ban_text <> ''"] end -- cgit v1.2.3 From 8c33668e81cf47b5b858c93c307de04e8683fc7c Mon Sep 17 00:00:00 2001 From: Louise Crow Date: Fri, 7 Nov 2014 16:19:19 +0000 Subject: Make clearing a profile photo a post-restricted action --- app/controllers/admin_user_controller.rb | 4 ---- 1 file changed, 4 deletions(-) (limited to 'app/controllers/admin_user_controller.rb') diff --git a/app/controllers/admin_user_controller.rb b/app/controllers/admin_user_controller.rb index 6031c816b..bbb5d002a 100644 --- a/app/controllers/admin_user_controller.rb +++ b/app/controllers/admin_user_controller.rb @@ -83,10 +83,6 @@ class AdminUserController < AdminController def clear_profile_photo @admin_user = User.find(params[:id]) - if !request.post? - raise "Can only clear profile photo from POST request" - end - if @admin_user.profile_photo @admin_user.profile_photo.destroy end -- cgit v1.2.3 From 16eebb4d30871f5457816d0af925d038715f4757 Mon Sep 17 00:00:00 2001 From: Louise Crow Date: Fri, 7 Nov 2014 17:12:54 +0000 Subject: RESTful routing for admin track actions --- app/controllers/admin_user_controller.rb | 7 ------- 1 file changed, 7 deletions(-) (limited to 'app/controllers/admin_user_controller.rb') diff --git a/app/controllers/admin_user_controller.rb b/app/controllers/admin_user_controller.rb index bbb5d002a..7ef461594 100644 --- a/app/controllers/admin_user_controller.rb +++ b/app/controllers/admin_user_controller.rb 
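Review bot: Nothing in `clear_profile_photo` now stops a non-POST request from destroying the photo once the `request.post?` guard is removed in the `@@ -83,10 +83,6 @@` hunk. The restriction named in the commit subject therefore rests entirely on the route definition, which is not part of this path-limited view. I would add a one-line comment at the top of the method, `# POST-only: enforced by the route, not checked here`, and cover it with a routing or controller spec asserting that a GET to this path does not reach the action. The end of the method lies outside the hunk.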
@@ -55,13 +55,6 @@ class AdminUserController < AdminController @admin_user = User.find(params[:id]) end - def destroy_track - track_thing = TrackThing.find(params[:track_id].to_i) - track_thing.destroy - flash[:notice] = 'Track destroyed' - redirect_to admin_user_url(track_thing.tracking_user) - end - def clear_bounce user = User.find(params[:id]) user.email_bounced_at = nil -- cgit v1.2.3