mirror of
https://github.com/Growstuff/growstuff.git
synced 2026-01-29 03:31:04 -05:00
a3b7822268
Removed JSON from classes that shouldn't have it. (PT: https://www.pivotaltracker.com/story/show/54570954) Also found a couple of controllers with broken authorization (i.e. not checking CanCan). Incidentally, this also fixes the comment form bug at https://www.pivotaltracker.com/story/show/54328716.
40 lines
787 B
Ruby
40 lines
787 B
Ruby
class AccountsController < ApplicationController
|
|
load_and_authorize_resource
|
|
# GET /accounts
|
|
def index
|
|
@accounts = Account.all
|
|
|
|
respond_to do |format|
|
|
format.html # index.html.erb
|
|
end
|
|
end
|
|
|
|
# GET /accounts/1
|
|
def show
|
|
@account = Account.find(params[:id])
|
|
|
|
respond_to do |format|
|
|
format.html # show.html.erb
|
|
end
|
|
end
|
|
|
|
# GET /accounts/1/edit
|
|
def edit
|
|
@account = Account.find(params[:id])
|
|
end
|
|
|
|
# PUT /accounts/1
|
|
def update
|
|
@account = Account.find(params[:id])
|
|
|
|
respond_to do |format|
|
|
if @account.update_attributes(params[:account])
|
|
format.html { redirect_to @account, notice: 'Account detail was successfully updated.' }
|
|
else
|
|
format.html { render action: "edit" }
|
|
end
|
|
end
|
|
end
|
|
|
|
end
|