+ ##
+ # activate a user, allowing them to log in
+ def activate
+ @this_user.update_attributes(:active => true)
+ redirect_to :controller => 'user', :action => 'view', :display_name => params[:display_name]
+ end
+
+ ##
+ # deactivate a user, preventing them from logging in
+ def deactivate
+ @this_user.update_attributes(:active => false)
+ redirect_to :controller => 'user', :action => 'view', :display_name => params[:display_name]
+ end
+
+ ##
+ # hide a user, marking them as logically deleted
+ def hide
+ @this_user.update_attributes(:visible => false)
+ redirect_to :controller => 'user', :action => 'view', :display_name => params[:display_name]
+ end
+
+ ##
+ # unhide a user, clearing the logically deleted flag
+ def unhide
+ @this_user.update_attributes(:visible => true)
+ redirect_to :controller => 'user', :action => 'view', :display_name => params[:display_name]
+ end
+
+ ##
+ # delete a user, marking them as deleted and removing personal data
+ def delete
+ @this_user.delete
+ redirect_to :controller => 'user', :action => 'view', :display_name => params[:display_name]
+ end
+private
+ ##
+ # require that the user is a administrator, or fill out a helpful error message
+ # and return them to the user page.
+ def require_administrator
+ unless @user.administrator?
+ flash[:error] = t('user.filter.not_an_administrator')
+ redirect_to :controller => 'user', :action => 'view', :display_name => params[:display_name]
+ end
+ end
+
+ ##
+ # ensure that there is a "this_user" instance variable
+ def lookup_this_user
+ @this_user = User.find_by_display_name(params[:display_name])
+ rescue ActiveRecord::RecordNotFound
+ redirect_to :controller => 'user', :action => 'view', :display_name => params[:display_name] unless @this_user
+ end
+end