def create
authorize User
- @user = User.new(user_params)
+ @user = User.new(user_params.permit(:email, :password, :password_confirmation, :admin))
+ @user.organisation = current_user.organisation
respond_to do |format|
if @user.save
- format.html { redirect_to users_url, notice: 'Utilisateur créé avec succès.' }
+ format.html { redirect_to users_admin_index_url, notice: 'Utilisateur créé avec succès.' }
format.json { render :show, status: :created, location: @user }
else
format.html { render :new }
# Never trust parameters from the scary internet, only allow the white list through.
def user_params
- params.require(:user).permit(:email, :organisation_id, :organisation, :password, :password_confirmation, :admin)
+ params.permit(:email, :organisation_id, :organisation, :password, :password_confirmation, :admin, :utf8, :authenticity_token, :commit)
end
end
end
end
+ def edit?
+ false
+ end
+
def destroy?
- record != user
+ false
+ # record != user
end
end
<li class="list-group-item">
<h4>
<i class="fas fa-user-friends"></i>
- <%= link_to users_path, class: "text-dark" do %>Utilisateurs<% end %>
+ <%= link_to users_admin_index_path, class: "text-dark" do %>Utilisateurs<% end %>
</h4>
</li>
-<%= bootstrap_form_with(model: user, local: true) do |form| %>
+<%= bootstrap_form_tag url: '/users_admin' do |form| %>
<%= form.hidden_field :organisation_id %>
<%= form.text_field :email, required: true %>
<%= render 'form', user: @user %>
-<%= link_to 'Retour', users_path %>
+<%= link_to 'Retour', users_admin_path %>
<div class="pb-2 mt-4 mb-2 border-bottom">
<% if policy(User).new? %>
- <%= link_to new_user_path, class: 'btn text-primary float-right' do %>
+ <%= link_to new_users_admin_path, class: 'btn text-primary float-right' do %>
<i class="fas fa-plus-circle"></i> Utilisateur
<% end %>
<% end %>
<h1><i class="fas fa-user-friends"></i> Utilisateurs</h1>
</div>
-<%= bootstrap_form_tag url: users_path, method: :get do |f| %>
+<%= bootstrap_form_tag url: users_admin_index_path, method: :get do |f| %>
<div class="row">
<div class="col"><%= f.text_field :email, value: params[:email], onchange: "this.form.submit()" %></div>
</div>
get 'admin/audit'
devise_for :users, controllers: {registrations: "registrations"}
+ resources :users_admin, controller: 'users'
- resources :users
resources :factures
resources :prestations
resources :tarifs