end
def editable?
- (current_user and
+ (current_user and current_user.is_active and
(current_user.is_admin or
current_user.uuid == self.owner))
end
def attribute_editable?(attr)
if "created_at modified_at modified_by_user modified_by_client updated_at".index(attr.to_s)
false
- elsif "uuid owner".index(attr.to_s)
- current_user and current_user.is_admin
+ elsif not (current_user.andand.is_active)
+ false
+ elsif "uuid owner".index(attr.to_s) or current_user.is_admin
+ current_user.is_admin
else
- current_user and current_user.uuid == owner
+ current_user.uuid == self.owner or current_user.uuid == self.uuid
end
end
</td><td>
<%= render_editable_attribute u, 'email' %>
</td><td>
- <%= render_editable_attribute u, 'is_active', u.is_active ? 'Active' : '', "data-type" => "select", "data-source" => '[{value:1,text:"Active"},{value:0,text:"No"}]' %>
+ <%= render_editable_attribute u, 'is_active', u.is_active ? 'Active' : 'No', "data-type" => "select", "data-source" => '[{value:1,text:"Active"},{value:0,text:"No"}]' %>
</td><td>
- <%= render_editable_attribute u, 'is_admin', u.is_admin ? 'Admin' : '', "data-type" => "select", "data-source" => '[{value:1,text:"admin"},{value:0,text:"No"}]' %>
+ <%= render_editable_attribute u, 'is_admin', u.is_admin ? 'Admin' : 'No', "data-type" => "select", "data-source" => '[{value:1,text:"admin"},{value:0,text:"No"}]' %>
</td><td>
<%= render_editable_attribute u, 'owner' %>
</td><td>