1 class LoginController < ApplicationController
4 # Make sure that a user logs in before doing any action here
5 before_filter :authorize, :only => :index
7 # Only managers can do the following actions
8 before_filter :manager, :only => [:add_user, :delete_user, :list_users, :maintenence]
11 render :action => 'maintenence'
15 @user = User.new(params[:user])
16 if request.post? and @user.save
17 flash.now[:notice] = "User #{@user.name} created"
23 session[:user_id] = nil
25 user = User.authenticate(params[:name], params[:password])
27 session[:user_id] = user.id
28 redirect_to :action => 'index'
30 flash[:notice] = "Invalid user/password combination"
36 session[:user_id] = nil
37 flash[:notice] = "Logged Out"
38 redirect_to :action => :login
47 user = User.find(params[:id])
50 flash[:notice] = "User #{user.name} deleted"
52 flash[:notice] = e.message
55 redirect_to(:action => :list_users)
59 @all_users = User.find(:all)