Variety of changes to the way we do user editing:

1) Allow admins to edit the admin bit of other admins 2) Don't allow admins to delete themselves (partial fix for ticket #213) 3) Inline user::update(). Don't do form processing in helper methods! 4) Inline user::_get_edit_form() so that we can treat edit forms differently. Trying to hard to make common functions makes for weird edge cases.
2026-06-16 15:09:55 -04:00 · 2009-05-13 03:56:50 +00:00
parent b9aeec634d
commit 9c24b5d94d
4 changed files with 69 additions and 47 deletions
--- a/modules/user/controllers/users.php
+++ b/modules/user/controllers/users.php
@@ -28,10 +28,17 @@ class Users_Controller extends REST_Controller {
    $form = user::get_edit_form($user);
    $valid = $form->validate();
    if ($valid) {
-      $valid = user::update($user, $form);
-    }
+      $user->full_name = $form->edit_user->full_name->value;
+      if ($form->edit_user->password->value) {
+        $user->password = $form->edit_user->password->value;
+      }
+      $user->email = $form->edit_user->email->value;
+      if ($form->edit_user->locale) {
+        $desired_locale = $form->edit_user->locale->value;
+        $user->locale = $desired_locale == "none" ? null : $desired_locale;
+      }
+      $user->save();

-    if ($valid) {
      print json_encode(
        array("result" => "success",
              "resource" => url::site("users/{$user->id}")));