diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb
index 8fad4df..283a442 100644
--- a/app/controllers/users_controller.rb
+++ b/app/controllers/users_controller.rb
@@ -85,22 +85,28 @@
def admin_api_update
if user_signed_in? && current_user.is_org_admin? then
#iterate through all org users
+ user_ids = params[:api_user_ids].blank? ? [] : params[:api_user_ids].map(&:to_i)
+ admin_user_ids = params[:org_admin_ids].blank? ? [] : params[:org_admin_ids].map(&:to_i)
current_user.organisation.users.each do |user|
- if !params[:user_ids].nil?
- user_ids = params[:user_ids].map(&:to_i)
- # if user_id in passed params
- if user_ids.include? user.id
- # run generate_or_keep
- user.keep_or_generate_token!
- # if not in passed params
- else
- # remove the token
- user.remove_token!
- end
+ # if user_id in passed params
+ if user_ids.include? user.id
+ # run generate_or_keep
+ user.keep_or_generate_token!
+ # if not in passed params
else
- # no users selected so remove all tokens
+ # remove the token
user.remove_token!
end
+ # ORG_ADMINS
+ if admin_user_ids.include?( user.id) && !user.is_org_admin?
+ # add admin privleges
+ # MAGIC_STRING
+ user.roles << Role.find_by(name: "org_admin")
+ # if user_id not in passed, but user is an admin
+ elsif !admin_user_ids.include?(user.id) && user.is_org_admin?
+ # strip admin privleges
+ user.roles.delete(Role.find_by(name: "org_admin"))
+ end
end
#redirect_to admin_index
else
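Review bot: The new branch `elsif !admin_user_ids.include?(user.id) && user.is_org_admin?` revokes org_admin from every organisation user whose id is missing from `params[:org_admin_ids]`, and that includes `current_user`, so a request with the parameter absent, or with the caller's own box unchecked, leaves the organisation with no admin. Skipping the caller in the role section, for example `next if user.id == current_user.id` placed just before `# ORG_ADMINS`, would always keep one admin in place. `Role.find_by(name: "org_admin")` is also looked up for each user and returns nil when the role row is missing, which would presumably make `user.roles << nil` raise part-way through the loop; hoisting `org_admin_role = Role.find_by(name: "org_admin")` above the `each` and returning early when it is nil covers both. No grant or revocation is logged in the visible lines, so an audit entry naming the acting admin and the affected user would be worth adding; the method's final `else` branch continues outside the hunk.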
diff --git a/app/views/users/admin_api_update.html.erb b/app/views/users/admin_api_update.html.erb
index e7e94f1..3f26ec2 100644
--- a/app/views/users/admin_api_update.html.erb
+++ b/app/views/users/admin_api_update.html.erb
@@ -13,6 +13,7 @@
<%= t('org_admin.user_name') %> |
<%= t('org_admin.last_logged_in') %> |
<%= t('org_admin.how_many_plans') %> |
+ <%= t('org_admin.is_org_admin') %> |
<% if current_user.organisation.token_permission_types.count > 0 %>
<%= t('org_admin.api_privleges') %> |
<% end %>
@@ -42,15 +43,18 @@
<%= user.project_groups.count %>
<% end %>
+
+ <%= check_box_tag "org_admin_ids[]", user.id, user.is_org_admin? %>
+ |
<% if current_user.organisation.token_permission_types.count > 0 %>
- <%= check_box_tag "user_ids[]", user.id, user.api_token !="" %>
+ <%= check_box_tag "api_user_ids[]", user.id, user.api_token !="" %>
|
<% end %>
<% end %>
<% end %>
- <%= submit_tag "Update API Privleges" %>
+ <%= submit_tag "Update Users" %>
<% end %>
\ No newline at end of file
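Review bot: `api_user_ids[]` is only rendered when `current_user.organisation.token_permission_types.count > 0`, but the form now always submits `org_admin_ids[]`, and the controller in this commit treats a missing `api_user_ids` as an empty list and calls `remove_token!` on every organisation user. An admin who only edits roles in an organisation without token permission types therefore triggers token removal for everyone; guarding the token branch in the controller with the same condition, `if current_user.organisation.token_permission_types.count > 0`, would keep the two in step. The same applies to the matching hunk in `admin_index.html.erb`. If the user table is ever filtered or paginated (not visible here), rows that are not rendered would be handled as unchecked and lose their role and token.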
diff --git a/app/views/users/admin_index.html.erb b/app/views/users/admin_index.html.erb
index e7e94f1..3f26ec2 100644
--- a/app/views/users/admin_index.html.erb
+++ b/app/views/users/admin_index.html.erb
@@ -13,6 +13,7 @@
<%= t('org_admin.user_name') %> |
<%= t('org_admin.last_logged_in') %> |
<%= t('org_admin.how_many_plans') %> |
+ <%= t('org_admin.is_org_admin') %> |
<% if current_user.organisation.token_permission_types.count > 0 %>
<%= t('org_admin.api_privleges') %> |
<% end %>
@@ -42,15 +43,18 @@
<%= user.project_groups.count %>
<% end %>
+
+ <%= check_box_tag "org_admin_ids[]", user.id, user.is_org_admin? %>
+ |
<% if current_user.organisation.token_permission_types.count > 0 %>
- <%= check_box_tag "user_ids[]", user.id, user.api_token !="" %>
+ <%= check_box_tag "api_user_ids[]", user.id, user.api_token !="" %>
|
<% end %>
<% end %>
<% end %>
- <%= submit_tag "Update API Privleges" %>
+ <%= submit_tag "Update Users" %>
<% end %>
\ No newline at end of file
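Review bot: This template gets exactly the same change as `admin_api_update.html.erb`, and both sections show `index e7e94f1..3f26ec2`, so the two files appear to be identical copies; moving the table into one shared partial rendered from both views would stop the privilege checkboxes drifting apart in later edits. A comment above the `org_admin_ids[]` checkbox, such as `<%# an unchecked box removes the org_admin role on submit (UsersController#admin_api_update) %>`, would make the revocation side effect visible to the next editor.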