From 6f3cc934dab22329220f9cdad4f60db1dbeaf934 Mon Sep 17 00:00:00 2001
From: jomo <github@jomo.tv>
Date: Sat, 3 May 2014 03:50:01 +0200
Subject: [PATCH] allow editing of confirmed status

---
 app/controllers/users_controller.rb | 17 ++++++++++-------
 app/views/users/_form.html.erb      |  0
 app/views/users/edit.html.erb       |  8 +++++++-
 3 files changed, 17 insertions(+), 8 deletions(-)
 delete mode 100644 app/views/users/_form.html.erb

diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb
index 2a3f07b..e843e0a 100644
--- a/app/controllers/users_controller.rb
+++ b/app/controllers/users_controller.rb
@@ -57,6 +57,9 @@ class UsersController < ApplicationController
           flash[:alert] = "Your account has already been confirmed!"
         end
         redirect_to @user
+      elsif !@user.is?(current_user)
+        flash[:alert] = "Wrong user, please log in as '#{@user.name}' first!"
+        redirect_to root_path
       else
         flash[:alert] = "Something is wrong with your confirmation code"
         redirect_to root_path
@@ -131,20 +134,20 @@ class UsersController < ApplicationController
   def update
     @user = User.find(params[:id])
     if (mod? && current_user.role >= @user.role ) || (@user.is?(current_user) && confirmed?)
-      userdata = user_params([:name, :role, :skype, :skype_public, :youtube, :twitter, :about])
+      if mod?
+        userdata = user_params([:name, :skype, :skype_public, :youtube, :twitter, :about, :role, :confirmed])
+      else
+        userdata = user_params([:name, :skype, :skype_public, :youtube, :twitter, :about])
+      end
       if userdata[:role]
         role = Role.get(userdata[:role])
-        if (mod? && role <= current_user.role)
+        if role <= current_user.role
           userdata[:role] = role
         else
-          #reset role
+          # don't change role
           userdata.delete[:role]
         end
       end
-      unless userdata[:ign] && (mod? && current_user.role >= @user.role)
-        #reset ign
-        userdata[:ign] = @user.ign
-      end
       if @user.youtube != userdata[:youtube]
         youtube = get_youtube(userdata[:youtube])
         userdata[:youtube] = youtube[:channel]
diff --git a/app/views/users/_form.html.erb b/app/views/users/_form.html.erb
deleted file mode 100644
index e69de29..0000000
diff --git a/app/views/users/edit.html.erb b/app/views/users/edit.html.erb
index 0463686..d815509 100644
--- a/app/views/users/edit.html.erb
+++ b/app/views/users/edit.html.erb
@@ -20,11 +20,17 @@
         <tr>
           <td>Role</td>
           <td>
-            <% if mod? && current_user.role >= @user.role %>
+            <% if current_user.role >= @user.role %>
               <%= f.select :role, Role.all_to(current_user.role) %>
             <% end %>
           </td>
         </tr>
+        <tr>
+          <td>Confirmed email adress</td>
+          <td>
+            <%= f.select :confirmed, [["No", false], ["Yes", true]], {}, { disabled: !can_edit? } %>
+          </td>
+        </tr>
       <% end %>
       <tr>
         <td>Skype username</td>