1 class User < OrvosModel
# Mixes CommonApiTemplate into User (presumably the source of the :common
# template that api_accessible extends below; confirm against that module).
4 include CommonApiTemplate
# A user owns any number of API client authorization records.
6 has_many :api_client_authorizations
# Registers prevent_privilege_escalation to run before an existing record is
# updated. In the part of the callback visible in this excerpt, an is_admin
# change made by a non-admin current_user to their own record is logged and
# reverted; the remaining branches are outside this excerpt.
# NOTE(review): a before_update callback does not run on create, and
# ActiveRecord writes that skip callbacks (update_column, update_all) do not
# trigger it. Whether is_admin is protected on those paths cannot be seen
# from here; confirm before relying on this hook as the only guard.
7 before_update :prevent_privilege_escalation
9 api_accessible :superuser, :extend => :common do |t|
20 "#{first_name} #{last_name}"
25 def prevent_privilege_escalation
26 if self.is_admin_changed? and !current_user.is_admin
27 if current_user.uuid == self.uuid
28 if self.is_admin != self.is_admin_was
29 logger.warn "User #{self.uuid} tried to change is_admin from #{self.is_admin_was} to #{self.is_admin}"
30 self.is_admin = self.is_admin_was