From 7642e35d5d80f0987ea0018797707e3b7e515a9b Mon Sep 17 00:00:00 2001 From: benji Date: Tue, 10 Feb 2015 07:15:25 +0100 Subject: [PATCH] Add db/seeds and fix two minor bugs --- app/controllers/users_controller.rb | 8 ++-- app/models/ability.rb | 3 +- app/models/user.rb | 2 - app/views/layouts/_header.html.erb | 3 ++ app/views/products/_product.html.erb | 2 +- config/initializers/devise.rb | 2 +- db/seeds.rb | 67 +++++++++++++++++++++++++++ public/seeds/products/bueno.jpg | Bin 0 -> 249720 bytes public/seeds/products/club_mate.jpg | Bin 0 -> 14144 bytes public/seeds/products/fanta.jpg | Bin 0 -> 55551 bytes public/seeds/users/admin.jpg | Bin 0 -> 17225 bytes public/seeds/users/benji.jpg | Bin 0 -> 59305 bytes public/seeds/users/don.jpg | Bin 0 -> 11552 bytes public/seeds/users/silox.jpg | Bin 0 -> 10912 bytes 14 files changed, 79 insertions(+), 8 deletions(-) create mode 100644 public/seeds/products/bueno.jpg create mode 100644 public/seeds/products/club_mate.jpg create mode 100644 public/seeds/products/fanta.jpg create mode 100644 public/seeds/users/admin.jpg create mode 100644 public/seeds/users/benji.jpg create mode 100644 public/seeds/users/don.jpg create mode 100644 public/seeds/users/silox.jpg diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb index f2370db..ac9b2d1 100644 --- a/app/controllers/users_controller.rb +++ b/app/controllers/users_controller.rb @@ -1,8 +1,7 @@ class UsersController < ApplicationController - load_and_authorize_resource - def show @user = User.find_by_id(params[:id]) || current_user + authorize! :read, @user @orders = @user.orders.includes(:products).paginate(page: params[:page]) @products = @user.products.select("products.*", "sum(order_items.count) as count").group(:product_id) @categories = @user.products.select("products.category", "sum(order_items.count) as count").group(:category) @@ -10,10 +9,13 @@ class UsersController < ApplicationController def index @users = User.members + authorize! :read, @users end def destroy - User.find(params[:id]).destroy + @user = User.find(params[:id]) + authorize! :destroy, @users + @user.destroy flash[:success] = "Succesfully removed user" redirect_to action: :index end diff --git a/app/models/ability.rb b/app/models/ability.rb index 409f28b..29403fa 100644 --- a/app/models/ability.rb +++ b/app/models/ability.rb @@ -8,8 +8,9 @@ class Ability can :schulden, :admins elsif user.koelkast? can :manage, Order - else + elsif user[:id] can :read, :all + can :update, User end end end diff --git a/app/models/user.rb b/app/models/user.rb index a590ba1..f1be795 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -38,8 +38,6 @@ class User < ActiveRecord::Base belongs_to :dagschotel, class_name: 'Product' validates :nickname, presence: true, uniqueness: true - validates :name, presence: true - validates :last_name, presence: true validates_attachment :avatar, presence: true, content_type: { content_type: ["image/jpeg", "image/gif", "image/png"] } scope :members, -> { where koelkast: false } diff --git a/app/views/layouts/_header.html.erb b/app/views/layouts/_header.html.erb index 420ca6b..2542006 100644 --- a/app/views/layouts/_header.html.erb +++ b/app/views/layouts/_header.html.erb @@ -27,6 +27,9 @@
  • <%= mail_to "tab@zeus.ugent.be", "Send feedback" %>
    • <% if user_signed_in? %> <% if can? :manage, :all %> +
  • + <%= link_to "Place order", orders_path %> +