summaryrefslogtreecommitdiff
path: root/app/controllers/users_controller.rb
diff options
context:
space:
mode:
Diffstat (limited to 'app/controllers/users_controller.rb')
-rw-r--r--app/controllers/users_controller.rb18
1 files changed, 9 insertions, 9 deletions
diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb
index ed1c2a6..9c21b4a 100644
--- a/app/controllers/users_controller.rb
+++ b/app/controllers/users_controller.rb
@@ -135,7 +135,7 @@ class UsersController < ApplicationController
end
def resend_mail
- if (@user.is?(current_user) || mod?) && !@user.confirmed?
+ if (@user.is?(current_user) || (mod? && current_user.confirmed?)) && !@user.confirmed?
RedstonerMailer.register_mail(@user, false).deliver_now
flash[:notice] = "Check your inbox for the confirmation mail."
else
@@ -145,7 +145,7 @@ class UsersController < ApplicationController
end
def update
- if (mod? && current_user.role >= @user.role ) || (@user.is?(current_user) && confirmed?)
+ if (mod? && current_user.role >= @user.role && current_user.confirmed?) || (@user.is?(current_user) && confirmed?)
if mod?
userdata = user_params([:name, :skype, :youtube, :twitter, :about, :role, :badge, :confirmed, :header_scroll, :utc_time, :dark])
else
@@ -188,7 +188,7 @@ class UsersController < ApplicationController
end
def ban
- if mod? && current_user.role >= @user.role
+ if mod? && current_user.role >= @user.role && current_user.confirmed?
@user.role = Role.get :banned
flash[:notice] = "'#{@user.name}' has been banned!"
else
@@ -198,7 +198,7 @@ class UsersController < ApplicationController
end
def unban
- if mod? && current_user.role >= @user.role
+ if mod? && current_user.role >= @user.role && current_user.confirmed?
@user.role = Role.get :normal
flash[:notice] = "\"#{@user.name}\" has been unbanned!"
else
@@ -208,7 +208,7 @@ class UsersController < ApplicationController
end
def destroy
- if superadmin?
+ if superadmin? && current_user.confirmed?
if @user.destroy
flash[:notice] = "User deleted forever."
redirect_to users_url
@@ -223,28 +223,28 @@ class UsersController < ApplicationController
end
def edit_notifications
- unless @user.is?(current_user) || admin? && current_user.role > @user.role || superadmin?
+ unless @user.is?(current_user) || (admin? && current_user.role > @user.role && current_user.confirmed?) || (superadmin? && current_user.confirmed?)
flash[:alert] = "You are not allowed to edit this user's notification settings!"
redirect_to @user
end
end
def edit_login
- unless @user.is?(current_user) || admin? && current_user.role > @user.role || superadmin?
+ unless @user.is?(current_user) || (admin? && current_user.role > @user.role && current_user.confirmed?) || (superadmin? && current_user.confirmed?)
flash[:alert] = "You are not allowed to edit this user's login details!"
redirect_to @user
end
end
def edit_website_settings
- unless @user.is?(current_user) || admin? && current_user.role > @user.role || superadmin?
+ unless @user.is?(current_user) || (admin? && current_user.role > @user.role && current_user.confirmed?) || (superadmin? && current_user.confirmed?)
flash[:alert] = "You are not allowed to edit this user's website settings!"
redirect_to @user
end
end
def update_login
- if @user.is?(current_user) || admin? && current_user.role > @user.role || superadmin?
+ if @user.is?(current_user) || (admin? && current_user.role > @user.role && current_user.confirmed?) || (superadmin? && current_user.confirmed?)
authenticated = !@user.is?(current_user) || @user.authenticate(params[:current_password])
if params[:user][:password].present?
@user.password = params[:user][:password]
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-19 01:06:51 +0000