X-Git-Url: https://git.openstreetmap.org/rails.git/blobdiff_plain/eb0f9ff63d5ad5d91ea941420e094dd2980df094..d29a9dad9d7b1f076e18a664fe7938bc6067e135:/app/controllers/user_roles_controller.rb

diff --git a/app/controllers/user_roles_controller.rb b/app/controllers/user_roles_controller.rb
index ee4de7ce0..54dc90dee 100644
--- a/app/controllers/user_roles_controller.rb
+++ b/app/controllers/user_roles_controller.rb
@@ -11,7 +11,9 @@ class UserRolesController < ApplicationController
   around_filter :setup_nonce
 
   def grant
-    @this_user.roles.create(:role => @role, :granter_id => @user.id)
+    @this_user.roles.create({
+      :role => @role, :granter_id => @user.id
+    }, :without_protection => true)
     redirect_to :controller => 'user', :action => 'view', :display_name => @this_user.display_name
   end
 
@@ -23,7 +25,7 @@ class UserRolesController < ApplicationController
   private
   def require_administrator
     unless @user.administrator?
-      flash[:notice] = t'user_role.filter.not_an_administrator'
+      flash[:error] = t'user_role.filter.not_an_administrator'
       redirect_to :controller => 'user', :action => 'view', :display_name => @this_user.display_name
     end
   end
@@ -58,7 +60,7 @@ class UserRolesController < ApplicationController
   def require_valid_role
     @role = params[:role]
     unless UserRole::ALL_ROLES.include?(@role)
-      flash[:notice] = t('user_role.filter.not_a_role', :role => @role)
+      flash[:error] = t('user_role.filter.not_a_role', :role => @role)
       redirect_to :controller => 'user', :action => 'view', :display_name => @this_user.display_name
     end
   end
@@ -67,7 +69,7 @@ class UserRolesController < ApplicationController
   # checks that the user doesn't already have this role
   def not_in_role
     if @this_user.has_role? @role
-      flash[:notice] = t('user_role.filter.already_has_role', :role => @role)
+      flash[:error] = t('user_role.filter.already_has_role', :role => @role)
       redirect_to :controller => 'user', :action => 'view', :display_name => @this_user.display_name
     end
   end
@@ -76,7 +78,7 @@ class UserRolesController < ApplicationController
   # checks that the user already has this role
   def in_role
     unless @this_user.has_role? @role
-      flash[:notice] = t('user_role.filter.doesnt_have_role', :role => @role)
+      flash[:error] = t('user_role.filter.doesnt_have_role', :role => @role)
       redirect_to :controller => 'user', :action => 'view', :display_name => @this_user.display_name
     end
   end