summaryrefslogtreecommitdiff
path: root/spec/policies/user_policy_spec.rb
Commit message (Collapse)AuthorAgeFilesLines
* Allow users to set a statusBob Van Landuyt2018-07-301-0/+4
| | | | | This can be done trough the API for the current user, or on the profile page.
* Make the user dropdown reusableBob Van Landuyt2018-05-041-5/+13
| | | | | | | We will reuse the the dropdown, but exclude some menu items based on permissions. So moving the menu to a partial, and adding checks for each menu item here.
* Use described_class when possibleRémy Coutable2017-07-271-1/+1
| | | | Signed-off-by: Rémy Coutable <remy@rymai.me>
* Remove superfluous lib: true, type: redis, service: true, models: true, ↵Rémy Coutable2017-07-271-1/+1
| | | | | | services: true, no_db: true, api: true Signed-off-by: Rémy Coutable <remy@rymai.me>
* update the specs to not require a set to be returnedhttp://jneen.net/2017-06-271-6/+6
|
* Don't allow deleting a ghost user.Timothy Andrew2017-02-241-0/+37
- Add a `destroy_user` ability. This didn't exist before, and was implicit in other abilities (only admins could access the admin area, so only they could destroy all users; a user can only access their own account page, and so can destroy only themselves). - Grant this ability to admins, and when the current user is trying to destroy themselves. Disallow destroying ghost users in all cases. - Modify the `Users::DestroyService` to check this ability. Also check it in views to decide whether or not to show the "Delete User" button. - Add a short summary of the Ghost User to the bio.
View Lorry Controller Status