forked from fixin.me/fixin.me
22 lines
413 B
Ruby
22 lines
413 B
Ruby
class UsersController < ApplicationController
|
|
before_action :find_user, only: [:destroy]
|
|
before_action do
|
|
raise AccessForbidden unless (current_user == @user) || current_user.at_least(:admin)
|
|
end
|
|
|
|
def index
|
|
@users = User.all
|
|
end
|
|
|
|
def destroy
|
|
@user.destroy
|
|
redirect_to action: :index, notice: t(".success")
|
|
end
|
|
|
|
private
|
|
|
|
def find_user
|
|
@user = User.find(params[:id])
|
|
end
|
|
end
|