Commit graph

4 commits

Author SHA1 Message Date
Rémy Coutable
cddc5cacfb Use described_class when possible
Signed-off-by: Rémy Coutable <remy@rymai.me>
2017-07-27 14:31:53 +02:00
Rémy Coutable
ddccd24c13 Remove superfluous lib: true, type: redis, service: true, models: true, services: true, no_db: true, api: true
Signed-off-by: Rémy Coutable <remy@rymai.me>
2017-07-27 14:31:53 +02:00
http://jneen.net/
963b374dc7 update the specs to not require a set to be returned 2017-06-27 12:41:54 -07:00
Timothy Andrew
6fdb17cbbe
Don't allow deleting a ghost user.
- Add a `destroy_user` ability. This didn't exist before, and was implicit in
  other abilities (only admins could access the admin area, so only they could
  destroy all users; a user can only access their own account page, and so can
  destroy only themselves).

- Grant this ability to admins, and when the current user is trying to destroy
  themselves. Disallow destroying ghost users in all cases.

- Modify the `Users::DestroyService` to check this ability. Also check it in
  views to decide whether or not to show the "Delete User" button.

- Add a short summary of the Ghost User to the bio.
2017-02-24 16:50:20 +05:30