mirror of
https://github.com/astuto/astuto.git
synced 2025-12-15 03:07:52 +01:00
a11157295d
* Fix missing translation in roadmap * Fix resizing of textareas * Increase line height for small muted texts * Improve collapsed board list style * Fix switch on top of header (z-index) * Fix margin inconsistencies in site settings * Add user count to site settings
40 lines
798 B
Ruby
40 lines
798 B
Ruby
class UsersController < ApplicationController
|
|
before_action :authenticate_user!, only: [:index, :update]
|
|
|
|
def index
|
|
authorize User
|
|
|
|
@users = User
|
|
.all
|
|
.order(role: :desc, created_at: :desc)
|
|
|
|
render json: @users
|
|
end
|
|
|
|
def update
|
|
@user = User.find(params[:id])
|
|
authorize @user
|
|
|
|
@user.assign_attributes user_update_params
|
|
|
|
# Handle special case: trying to set user role to 'owner'
|
|
raise Pundit::NotAuthorizedError if @user.owner?
|
|
|
|
if @user.save
|
|
render json: @user
|
|
else
|
|
render json: {
|
|
error: @user.errors.full_messages
|
|
}, status: :unprocessable_entity
|
|
end
|
|
end
|
|
|
|
private
|
|
|
|
def user_update_params
|
|
params
|
|
.require(:user)
|
|
.permit(policy(@user).permitted_attributes_for_update)
|
|
end
|
|
end
|