Instructors can delete their own certs; hidden users are hidden in drop-downs; admins can see last user login; prepping for postgres
This commit is contained in:
parent
719b9447ab
commit
20a007cac5
|
@ -5,7 +5,7 @@ class PaymentsController < ApplicationController
|
||||||
|
|
||||||
# Load users and certs based on current ability
|
# Load users and certs based on current ability
|
||||||
before_filter do
|
before_filter do
|
||||||
@users = User.accessible_by(current_ability).sort_by(&:name_with_payee_and_member_level)
|
@users = User.where(:hidden => false).where("member_level > 10").accessible_by(current_ability).sort_by(&:name_with_payee_and_member_level)
|
||||||
end
|
end
|
||||||
|
|
||||||
before_filter :only => [:create, :update] do
|
before_filter :only => [:create, :update] do
|
||||||
|
|
|
@ -6,7 +6,7 @@ class UserCertificationsController < ApplicationController
|
||||||
|
|
||||||
# Load users and certs based on current ability
|
# Load users and certs based on current ability
|
||||||
before_filter :only => [:new, :edit, :create, :update] do
|
before_filter :only => [:new, :edit, :create, :update] do
|
||||||
@users = User.accessible_by(current_ability).sort_by(&:name)
|
@users = User.where(:hidden => false).accessible_by(current_ability).sort_by(&:name)
|
||||||
@certifications = Certification.accessible_by(current_ability).sort_by(&:name)
|
@certifications = Certification.accessible_by(current_ability).sort_by(&:name)
|
||||||
end
|
end
|
||||||
|
|
||||||
|
|
|
@ -20,7 +20,8 @@ class Ability
|
||||||
if user.instructor?
|
if user.instructor?
|
||||||
can :manage, Certification
|
can :manage, Certification
|
||||||
can [:create,:read], User, :hidden => [nil,false]
|
can [:create,:read], User, :hidden => [nil,false]
|
||||||
can :manage, UserCertification
|
can [:create,:read], UserCertification
|
||||||
|
can [:update,:destroy], UserCertification, :created_by => user.id
|
||||||
end
|
end
|
||||||
# Users can see others' stuff if they've been oriented
|
# Users can see others' stuff if they've been oriented
|
||||||
unless user.orientation.blank?
|
unless user.orientation.blank?
|
||||||
|
@ -44,7 +45,7 @@ class Ability
|
||||||
cannot :destroy, Certification
|
cannot :destroy, Certification
|
||||||
cannot :destroy, Mac
|
cannot :destroy, Mac
|
||||||
cannot :destroy, MacLog
|
cannot :destroy, MacLog
|
||||||
cannot :destroy, UserCertification
|
#cannot :destroy, UserCertification
|
||||||
cannot :destroy, DoorLog
|
cannot :destroy, DoorLog
|
||||||
# no exception for destroying payments
|
# no exception for destroying payments
|
||||||
end
|
end
|
||||||
|
|
|
@ -13,11 +13,11 @@
|
||||||
|
|
||||||
<div class="field">
|
<div class="field">
|
||||||
<%= f.label :user_id, "User" %><br />
|
<%= f.label :user_id, "User" %><br />
|
||||||
<%= collection_select(:payment, :user_id, @users, :id, :name_with_payee_and_member_level) %>
|
<%= collection_select(:payment, :user_id, @users, :id, :name_with_payee_and_member_level) %> (inactive members are not shown.)
|
||||||
</div>
|
</div>
|
||||||
<div class="field">
|
<div class="field">
|
||||||
<%= f.label :date, "Paid for month beginning" %><br />
|
<%= f.label :date, "Paid for month beginning" %><br />
|
||||||
<%= f.date_select :date %>
|
<%= f.date_select :date, :default => (DateTime.now - 1.month) %>
|
||||||
</div>
|
</div>
|
||||||
<div class="actions">
|
<div class="actions">
|
||||||
<%= f.submit %>
|
<%= f.submit %>
|
||||||
|
|
|
@ -18,8 +18,14 @@
|
||||||
at <%= @user_certification.updated_at %>
|
at <%= @user_certification.updated_at %>
|
||||||
</p>
|
</p>
|
||||||
|
|
||||||
<%= link_to 'Edit', edit_user_certification_path(@user_certification) %> |
|
|
||||||
<%= link_to 'Back', user_certifications_path %>
|
|
||||||
<p>
|
<p>
|
||||||
<%= link_to 'Destroy', @user_certification, :confirm => "Are you sure you want to destroy this user's certification?", :method => :delete if can? :destroy, @user_certification %>
|
<% if can? :update, @user_certification %>
|
||||||
|
<%= link_to 'Edit', edit_user_certification_path(@user_certification) %> |
|
||||||
|
<% end %>
|
||||||
|
|
||||||
|
<% if can? :destroy, @user_certification %>
|
||||||
|
<%= link_to 'Delete', @user_certification, :confirm => "Are you sure you want to destroy this user's certification?", :method => :delete %> |
|
||||||
|
<% end %>
|
||||||
|
|
||||||
|
<%= link_to 'Back', user_certifications_path %>
|
||||||
</p>
|
</p>
|
||||||
|
|
|
@ -108,6 +108,10 @@
|
||||||
<b>Created:</b>
|
<b>Created:</b>
|
||||||
<%= @user.created_at %>
|
<%= @user.created_at %>
|
||||||
</p>
|
</p>
|
||||||
|
<p>
|
||||||
|
<b>Last signed in:</b>
|
||||||
|
<%= @user.current_sign_in_at %>
|
||||||
|
</p>
|
||||||
<% end %>
|
<% end %>
|
||||||
|
|
||||||
<% if can? :update, @user then %><%= link_to 'Edit', edit_user_path(@user) %> |<% end %>
|
<% if can? :update, @user then %><%= link_to 'Edit', edit_user_path(@user) %> |<% end %>
|
||||||
|
|
|
@ -23,3 +23,9 @@ production:
|
||||||
database: db/production.sqlite3
|
database: db/production.sqlite3
|
||||||
pool: 5
|
pool: 5
|
||||||
timeout: 5000
|
timeout: 5000
|
||||||
|
# adapter: postgresql
|
||||||
|
# encoding: unicode
|
||||||
|
# database: members
|
||||||
|
# pool: 5
|
||||||
|
# username: postgres
|
||||||
|
# password:
|
||||||
|
|
Loading…
Reference in New Issue
Block a user