6fdb17cbbe
- Add a `destroy_user` ability. This didn't exist before, and was implicit in other abilities (only admins could access the admin area, so only they could destroy all users; a user can only access their own account page, and so can destroy only themselves). - Grant this ability to admins, and when the current user is trying to destroy themselves. Disallow destroying ghost users in all cases. - Modify the `Users::DestroyService` to check this ability. Also check it in views to decide whether or not to show the "Delete User" button. - Add a short summary of the Ghost User to the bio. |
||
---|---|---|
.. | ||
_access_levels.html.haml | ||
_form.html.haml | ||
_head.html.haml | ||
_profile.html.haml | ||
_projects.html.haml | ||
_user.html.haml | ||
edit.html.haml | ||
index.html.haml | ||
keys.html.haml | ||
new.html.haml | ||
projects.html.haml | ||
show.html.haml |