Made having a confirmed email required to manage forum groups.

3 files changed, 38 insertions, 18 deletions

diff --git a/app/controllers/forumgroups_controller.rb b/app/controllers/forumgroups_controller.rb
index fe359af..3e53b4a 100644
--- a/app/controllers/forumgroups_controller.rb
+++ b/app/controllers/forumgroups_controller.rb
@@ -9,7 +9,7 @@ class ForumgroupsController < ApplicationController
   end
 
   def edit
-    if admin?
+    if admin? && current_user.confirmed?
       @group = Forumgroup.find(params[:id])
     else
       flash[:alert] = "You are not allowed to edit forum groups."
@@ -17,7 +17,7 @@ class ForumgroupsController < ApplicationController
   end
 
   def update
-    if admin?
+    if admin? && current_user.confirmed?
       @group = Forumgroup.find(params[:id])
       if @group.update_attributes(group_params)
         flash[:notice] = "Forum group updated"
@@ -32,7 +32,7 @@ class ForumgroupsController < ApplicationController
   end
 
   def new
-    if admin?
+    if admin? && current_user.confirmed?
       @group = Forumgroup.new
     else
       flash[:alert] = "You are not allowed to create forum groups."
@@ -41,7 +41,7 @@ class ForumgroupsController < ApplicationController
   end
 
   def create
-    if admin?
+    if admin? && current_user.confirmed?
       @group = Forumgroup.new(group_params)
       if @group.save
         flash[:notice] = "Forum group created."
@@ -57,7 +57,7 @@ class ForumgroupsController < ApplicationController
   end
 
   def destroy
-    if admin?
+    if admin? && current_user.confirmed?
       @group = Forumgroup.find(params[:id])
       if @group.destroy
         flash[:notice] = "forum group deleted."
diff --git a/app/views/forumgroups/edit.html.erb b/app/views/forumgroups/edit.html.erb
index bb3bf5a..e69acd4 100644
--- a/app/views/forumgroups/edit.html.erb
+++ b/app/views/forumgroups/edit.html.erb
@@ -1,5 +1,11 @@
 <% title "Manage Forums" %>
 
+<%
+  def can_edit?
+    admin? && current_user.confirmed?
+  end
+%>
+
 <h1>Manage Forums</h1>
 <div class="item-group">
   <div class="header">
@@ -19,22 +25,26 @@
   <table>
     <tr>
       <td><%= f.label :name %></td>
-      <td><%= f.text_field :name, placeholder: "Name" %></td>
+      <td><%= f.text_field :name, placeholder: "Name", disabled: !can_edit? %></td>
     </tr>
     <tr>
       <td><%= f.label :position %></td>
-      <td><%= f.number_field :position, placeholder: "Position" %></td>
+      <td><%= f.number_field :position, placeholder: "Position", disabled: !can_edit? %></td>
     </tr>
     <tr>
       <td><%= f.label :role_read_id, "Min. read role" %></td>
-      <td><%= f.select :role_read_id, role_selection, include_blank: "None" %></td>
+      <td><%= f.select :role_read_id, role_selection, { include_blank: "None" }, { disabled: !can_edit? } %></td>
     </tr>
     <tr>
       <td><%= f.label :role_write_id, "Min. write role" %></td>
-      <td><%= f.select :role_write_id, role_selection, include_blank: false %></td>
+      <td><%= f.select :role_write_id, role_selection, { include_blank: false }, { disabled: !can_edit? } %></td>
     </tr>
   </table>
-  <p><%= f.submit "Update group", class: "btn blue left" %></p>
+  <p><%= f.submit "Update group", class: "btn blue left", disabled: !can_edit? %></p>
+<% end %>
+<p><%= button_to "Delete group", @group, :method => "delete", data: {confirm: "Delete group?\nForums + Threads will not be accessible!"}, class: "btn red right", disabled: !can_edit? %></p>
+<div class="clear"></div>
+
+<% if !current_user.confirmed? %>
+  <span class='red-alert'>You must confirm your email before you can edit forum groups.</span>
 <% end %>
-<p><%= button_to "Delete group", @group, :method => "delete", data: {confirm: "Delete group?\nForums + Threads will not be accessible!"}, class: "btn red right" %></p>
-<div class="clear"></div>
\ No newline at end of file
diff --git a/app/views/forumgroups/new.html.erb b/app/views/forumgroups/new.html.erb
index 9802260..70cf4dc 100644
--- a/app/views/forumgroups/new.html.erb
+++ b/app/views/forumgroups/new.html.erb
@@ -1,26 +1,36 @@
 <% title "New Forum: #{@group.name}" %>
 
+<%
+  def can_create?
+    admin? && current_user.confirmed?
+  end
+%>
+
 <h1>New forum group</h1>
 <% role_selection = Role.all_from_to(:normal, :admin).collect{|p|[p.name, p.id]} %>
 <%= form_for @group do |f|%>
   <table>
     <tr>
       <td><%= f.label :name %></td>
-      <td><%= f.text_field :name, placeholder: "Name" %></td>
+      <td><%= f.text_field :name, placeholder: "Name", disabled: !can_create? %></td>
     </tr>
     <tr>
       <td><%= f.label :position %></td>
-      <td><%= f.number_field :position, placeholder: "Position" %></td>
+      <td><%= f.number_field :position, placeholder: "Position", disabled: !can_create? %></td>
     </tr>
     <tr>
       <td><%= f.label :role_read_id, "Min. read role" %></td>
-      <td><%= f.select :role_read_id, role_selection, include_blank: "None" %></td>
+      <td><%= f.select :role_read_id, role_selection, { include_blank: "None" }, { disabled: !can_create? } %></td>
     </tr>
     <tr>
       <td><%= f.label :role_write_id, "Min. write role" %></td>
-      <td><%= f.select :role_write_id, role_selection, include_blank: false %></td>
+      <td><%= f.select :role_write_id, role_selection, { include_blank: false }, { disabled: !can_create? } %></td>
     </tr>
   </table>
-  <p><%= f.submit "Create group", class: "btn blue left" %></p>
+  <p><%= f.submit "Create group", class: "btn blue left", disabled: !can_create? %></p>
   <div class="clear"></div>
-<% end %>
\ No newline at end of file
+
+  <% if !current_user.confirmed? %>
+    <span class='red-alert'>You must confirm your email before you can create new forum groups.</span>
+  <% end %>
+<% end %>