Deny editing users on demo

This commit is contained in:
snipe
2015-06-30 22:10:23 -07:00
parent 62f8d002e3
commit f2abbd0e8f
+5 -6
View File
@@ -245,6 +245,11 @@ class UsersController extends AdminController
$this->decodePermissions($permissions);
app('request')->request->set('permissions', $permissions);
// Only update the email address if locking is set to false
if (Config::get('app.lock_passwords')) {
return Redirect::route('users')->with('error', 'Denied! You cannot update user information on the demo.');
}
try {
// Get the user information
$user = Sentry::getUserProvider()->findById($id);
@@ -277,11 +282,6 @@ class UsersController extends AdminController
return Redirect::back()->withInput()->withErrors($validator);
}
// Only update the email address if locking is set to false
if (!Config::get('app.lock_passwords')) {
$user->email = Input::get('email');
}
try {
// Update the user
$user->first_name = Input::get('first_name');
@@ -325,7 +325,6 @@ class UsersController extends AdminController
// Assign the user to groups
foreach ($groupsToAdd as $groupId) {
$group = Sentry::getGroupProvider()->findById($groupId);
$user->addGroup($group);
}