Skip to content

Commit

Permalink
Merge commit from fork
Browse files Browse the repository at this point in the history
* Added admin checks for erb and controller paths

* Removed unnecessary admin checks

* Removed newline

* Fixed some linting

* Fixed indentation

* Added more indentation
  • Loading branch information
KesterTan authored Oct 24, 2024
1 parent 12c5047 commit 301689a
Showing 1 changed file with 4 additions and 1 deletion.
5 changes: 4 additions & 1 deletion app/controllers/users_controller.rb
Original file line number Diff line number Diff line change
@@ -1,7 +1,9 @@
class UsersController < ApplicationController
skip_before_action :set_course
skip_before_action :authorize_user_for_course
skip_before_action :authenticate_for_action
skip_before_action :authenticate_for_action,
except: [:change_password_for_user, :update_password_for_user,
:lti_launch_link_course]
skip_before_action :update_persistent_announcements
before_action :set_gh_oauth_client, only: [:github_oauth, :github_oauth_callback]
before_action :set_user,
Expand Down Expand Up @@ -416,6 +418,7 @@ def change_password_for_user
redirect_to(user_path)
end

action_auth_level :update_password_for_user, :administrator
def update_password_for_user
@user = User.find_by(id: params[:id])
return if params[:user].nil? || params[:user].is_a?(String) || @user.nil?
Expand Down

0 comments on commit 301689a

Please sign in to comment.