|
class AdminPanelController < ApplicationController
layout 'admin'
before_filter :authenticate_user
def maintenance_mode
end
def index
redirect_to admin_dashboard_path
end
def dashboard
@users = User.all
@posts = BlogPost.all
@files = Upload.all
end
def posts
@posts = BlogPost.all
end
def contact_messages
@contact_messages = ContactMessage.order('created_at DESC').all
end
def users
@users = User.order('created_at DESC').all
end
def files
@uploads = Upload.all
end
def site_config
@config = Info.first
end
def site_config_update
@config = Info.first
respond_to do |format|
if @config.update(info_params)
format.html { redirect_to admin_config_path, notice: (t 'admin_panel.config_update_success') }
format.json { head :no_content }
else
format.html { render action: 'site_config' }
format.json { render json: @upload.errors, status: :unprocessable_entity }
end
end
end
def make_admin
@user = User.find(params[:id])
if @user.admin == true
@user.admin = false
status = "admin_panel.unmake_admin_success"
else
@user.admin = true
status = "admin_panel.make_admin_success"
end
respond_to do |format|
if @user.save
format.html { redirect_to admin_users_path, notice: (t status) }
format.json { head :no_content }
else
format.html { redirect_to admin_users_path, alert: (t 'admin_panel.make_admin_error') }
format.json { head :no_content }
end
end
end
private
# Never trust parameters from the scary internet, only allow the white list through.
def info_params
params.require(:info).permit(:website_name, :website_link, :tagline, :contact_email, :default_language, :maintenance_mode, :maintenance_title, :maintenance_message)
end
def authenticate_user
redirect_to root_path, alert: (t 'admin_panel.permission_denied') unless current_user && current_user.admin?
end
end
|
