mirror of
https://github.com/Fishwaldo/huginn.git
synced 2025-03-15 19:31:26 +00:00
Admins should not be able to deactivate their own accounts
This commit is contained in:
parent
8508928943
commit
c0c74113bf
3 changed files with 13 additions and 6 deletions
|
@ -6,7 +6,7 @@ class Admin::UsersController < ApplicationController
|
|||
helper_method :resource
|
||||
|
||||
def index
|
||||
@users = User.reorder(:created_at).page(params[:page])
|
||||
@users = User.reorder('created_at DESC').page(params[:page])
|
||||
|
||||
respond_to do |format|
|
||||
format.html
|
||||
|
|
|
@ -29,12 +29,14 @@
|
|||
<td title='<%= user.created_at %>'><%= time_ago_in_words user.created_at %> ago</td>
|
||||
<td>
|
||||
<div class="btn-group btn-group-xs">
|
||||
<% if user.active? %>
|
||||
<%= link_to 'Deactivate', deactivate_admin_user_path(user), method: :put, class: "btn btn-default" %>
|
||||
<% else %>
|
||||
<%= link_to 'Activate', activate_admin_user_path(user), method: :put, class: "btn btn-default" %>
|
||||
<% if user != current_user %>
|
||||
<% if user.active? %>
|
||||
<%= link_to 'Deactivate', deactivate_admin_user_path(user), method: :put, class: "btn btn-default" %>
|
||||
<% else %>
|
||||
<%= link_to 'Activate', activate_admin_user_path(user), method: :put, class: "btn btn-default" %>
|
||||
<% end %>
|
||||
<%= link_to 'Delete', admin_user_path(user), method: :delete, data: { confirm: 'Are you sure? This can not be undone.' }, class: "btn btn-default" %>
|
||||
<% end %>
|
||||
<%= link_to 'Delete', admin_user_path(user), method: :delete, data: { confirm: 'Are you sure? This can not be undone.' }, class: "btn btn-default" %>
|
||||
</div>
|
||||
</td>
|
||||
</tr>
|
||||
|
|
|
@ -80,6 +80,11 @@ describe Admin::UsersController do
|
|||
end
|
||||
|
||||
context "(de)activating users" do
|
||||
it "does not show deactivation buttons for the current user" do
|
||||
visit admin_users_path
|
||||
expect(page).not_to have_css("a[href='/admin/users/#{users(:jane).id}/deactivate']")
|
||||
end
|
||||
|
||||
it "deactivates an existing user" do
|
||||
visit admin_users_path
|
||||
expect(page).not_to have_text('inactive')
|
||||
|
|
Loading…
Add table
Reference in a new issue