iqbalhasnan · October 15, 2014 07:39
diff --git a/user_controller.rb b/user_controller.rb
 class Admin::UsersController < ApplicationController
  before_filter :authenticate_user!
  before_filter :check_if_admin
  include Pundit
 
  def index
    @users = User.all
  end
 
  def update
    if @user.update_attributes(secure_params)
      redirect_to admin_users_path, :notice => "User updated."
    else
      redirect_to admin_users_path, :alert => "Unable to update user."
    end
  end
 
  def destroy
    @user.destroy
    redirect_to admin_users_path, :notice => "User deleted."
  end
 
  private
 
  def secure_params
    params.require(:user).permit(:role)
  end
  #DRY
  def load_user
    @user = User.find(params[:id])
  end
 
  def check_if_admin
    raise Pundit::NotAuthorizedError unless current_user.admin?
  end
 
 end
	class Admin::UsersController < ApplicationController
	before_filter :authenticate_user!
	before_filter :check_if_admin
	include Pundit

	def index
	@users = User.all
	end

	def update
	if @user.update_attributes(secure_params)
	redirect_to admin_users_path, :notice => "User updated."
	else
	redirect_to admin_users_path, :alert => "Unable to update user."
	end
	end

	def destroy
	@user.destroy
	redirect_to admin_users_path, :notice => "User deleted."
	end

	private

	def secure_params
	params.require(:user).permit(:role)
	end
	#DRY
	def load_user
	@user = User.find(params[:id])
	end

	def check_if_admin
	raise Pundit::NotAuthorizedError unless current_user.admin?
	end

	end