Instructors can delete their own certs; hidden users are hidden in drop-downs; admins can see last user login; prepping for postgres

app/controllers/payments_controller.rb

@@ -5,7 +5,7 @@ class PaymentsController < ApplicationController
 
   # Load users and certs based on current ability
   before_filter do
-    @users = User.accessible_by(current_ability).sort_by(&:name_with_payee_and_member_level)
+    @users = User.where(:hidden => false).where("member_level > 10").accessible_by(current_ability).sort_by(&:name_with_payee_and_member_level)
   end
 
   before_filter :only => [:create, :update] do

app/controllers/user_certifications_controller.rb

@@ -6,7 +6,7 @@ class UserCertificationsController < ApplicationController
 
   # Load users and certs based on current ability
   before_filter :only => [:new, :edit, :create, :update] do
-    @users = User.accessible_by(current_ability).sort_by(&:name)
+    @users = User.where(:hidden => false).accessible_by(current_ability).sort_by(&:name)
     @certifications = Certification.accessible_by(current_ability).sort_by(&:name)
   end