Fixing user-emailing abilities
This commit is contained in:
parent
ef590793f2
commit
cbadcc5c73
|
|
@ -73,12 +73,10 @@ class UsersController < ApplicationController
|
||||||
|
|
||||||
def compose_email
|
def compose_email
|
||||||
@user = User.find(params[:user_id])
|
@user = User.find(params[:user_id])
|
||||||
authorize! :read, @user
|
|
||||||
end
|
end
|
||||||
|
|
||||||
def send_email
|
def send_email
|
||||||
@user = User.find(params[:user_id])
|
@user = User.find(params[:user_id])
|
||||||
authorize! :read, @user
|
|
||||||
@subject = params[:subject]
|
@subject = params[:subject]
|
||||||
@body = params[:body]
|
@body = params[:body]
|
||||||
if @user.send_email(current_user,@subject,@body)
|
if @user.send_email(current_user,@subject,@body)
|
||||||
|
|
|
||||||
|
|
@ -16,6 +16,8 @@ class Ability
|
||||||
can :read, Payment, :user_id => user.id
|
can :read, Payment, :user_id => user.id
|
||||||
can [:read,:new_member_report], User, :id => user.id #TODO: why can users update themselves? Maybe because Devise doesn't check users/edit?
|
can [:read,:new_member_report], User, :id => user.id #TODO: why can users update themselves? Maybe because Devise doesn't check users/edit?
|
||||||
can :read, UserCertification, :user_id => user.id
|
can :read, UserCertification, :user_id => user.id
|
||||||
|
can :compose_email, User
|
||||||
|
can :send_email, User
|
||||||
|
|
||||||
if user.card_access_enabled
|
if user.card_access_enabled
|
||||||
can :access_doors_remotely, :door_access
|
can :access_doors_remotely, :door_access
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue
Block a user