diff options
author | jomo <github@jomo.tv> | 2016-06-21 23:35:41 +0200 |
---|---|---|
committer | jomo <github@jomo.tv> | 2016-06-21 23:35:41 +0200 |
commit | e0ac5fac131342874c4e9f814a5943f38a39fa91 (patch) | |
tree | fb31790c6e42a05e4cf565b581189f23a25745ec | |
parent | 3f91e1a099346c9207914340ff8d0a8d5f08878e (diff) |
don't allow other users or confirmed users to resend confirmation email
-rw-r--r-- | app/controllers/users_controller.rb | 8 |
1 files changed, 6 insertions, 2 deletions
diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb index 0755c03..bd511df 100644 --- a/app/controllers/users_controller.rb +++ b/app/controllers/users_controller.rb @@ -139,8 +139,12 @@ class UsersController < ApplicationController end def resend_mail - RedstonerMailer.register_mail(@user, false).deliver_now - flash[:notice] = "Check your inbox for the confirmation mail." + if @user.is?(current_user) && !confirmed? + RedstonerMailer.register_mail(@user, false).deliver_now + flash[:notice] = "Check your inbox for the confirmation mail." + else + flash[:alert] = "You're not allowed to resend this user's confirmation email" + end redirect_to user_path(@user) end |