admin controller tests, sans question

app/controllers/admin/auth_controller.rb

@@ -1,12 +1,25 @@
 module Admin
   class AuthController < AdminController
+    skip_before_action :authorize_admin
+
     def login
     end
 
     def auth
+      admin = User.find_by(email: auth_params[:email], role: 'admin')
+
+      if admin && admin.authenticate(auth_params[:password])
+        session[:user] = admin.to_i
+        redirect_to admin_path
+      else
+        redirect_to admin_login_path,
+                    flash: { error: "Sorry, incorrect email or password. Please try again." }
+      end
     end
 
     def logout
+      reset_session
+      redirect_to admin_login_path
     end
   end
 end

app/controllers/admin/quiz_controller.rb

@@ -1,21 +1,48 @@
 module Admin
   class QuizController < AdminController
     def index
+      @quizzes = Quiz.all
     end
 
     def new
+      @quiz = Quiz.new
     end
 
     def create
+      @quiz = Quiz.create(quiz_params)
+
+      if @quiz.persisted?
+        redirect_to admin_quizzes_path, flash: { notice: "Sucessfully created quiz" }
+      else
+        flash[:error] = "Failed to save quiz."
+        render :new
+      end
     end
 
     def view
+      @quiz = Quiz.find(params[:quiz_id])
     end
 
     def edit
+      @quiz = Quiz.find(params[:quiz_id])
     end
 
     def update
+      @quiz = Quiz.find(params[:quiz_id])
+
+      if @quiz.update_attributes(quiz_params)
+        redirect_to admin_quiz_path(@quiz.to_i),
+                    flash: { notice: "Sucessfully updated quiz" }
+      else
+        flash[:error] = "Failed to update quiz."
+        render :edit
+      end
     end
+
+    private
+
+      def quiz_params
+        params.require(:quiz).permit(:dept, :unit)
+      end
   end
 end

app/controllers/admin/user_controller.rb

@@ -1,21 +1,50 @@
 module Admin
   class UserController < AdminController
     def index
+      @users = User.order(:name)
     end
 
     def new
+      @user = User.new
     end
 
     def create
+      default_passwd = SecureRandom.urlsafe_base64(12)
+      @user = User.create({ password: default_passwd }.merge(user_params.to_h))
+
+      if @user.persisted?
+        # TODO: UserMailer.welcome(@user, default_passwd).deliver_now
+        redirect_to admin_users_path, flash: { notice: "Sucessfully created user #{@user.name}" }
+      else
+        flash[:error] = "Failed to save user."
+        render :new
+      end
     end
 
     def view
+      @user = User.find(params[:user_id])
     end
 
     def edit
+      @user = User.find(params[:user_id])
     end
 
     def update
+      @user = User.find(params[:user_id])
+
+      if @user.update_attributes(user_params)
+        redirect_to admin_user_path(@user.to_i),
+                    flash: { notice: "Sucessfully updated #{@user.name}" }
+      else
+        flash[:error] = "Failed to update user."
+        render :edit
+      end
     end
+
+    private
+
+      def user_params
+        params.require(:user).permit(:name, :email, :role, :password)
+      end
   end
 end

app/controllers/admin_controller.rb

@@ -1,2 +1,18 @@
 class AdminController < ApplicationController
+  before_action :authorize_admin
+
+  def dashboard
+  end
+
+  def current_admin
+    user_args = { id: session[:user], role: 'admin' }
+    @current_admin ||= User.find_by(user_args) if session[:user]
+  end
+  helper_method :current_admin
+
+  private
+
+    def authorize_admin
+      redirect_to admin_login_path unless current_admin
+    end
 end

app/models/quiz.rb

@@ -1,4 +1,7 @@
 class Quiz < ApplicationRecord
   has_many :questions, -> { order(:sort) }
   has_many :candidates
+
+  validates_presence_of :dept
+  validates_presence_of :unit
 end

app/models/user.rb

@@ -1,4 +1,8 @@
 class User < ApplicationRecord
   has_secure_password
   has_many :candidates, foreign_key: "recruiter_id"
+
+  validates_presence_of :email
+  validates_presence_of :name
+  validates_presence_of :role
 end

app/views/admin/dashboard.html.erb

@@ -0,0 +1 @@
+huzzah! dashboard

app/views/admin/quiz/_form.html.erb

@@ -0,0 +1,6 @@
+<%= form_for quiz, url: action do |f| %>
+  <p>Unit: <%= f.text_field :unit %></p>
+  <p>Dept: <%= f.text_field :dept %></p>
+
+  <%= f.submit %>
+<% end %>

app/views/admin/quiz/edit.html.erb

@@ -1,2 +1,4 @@
 <h1>Admin::Quizes#edit</h1>
 <p>Find me in app/views/admin/quizes/edit.html.erb</p>
+
+<%= render partial: 'form', locals: { quiz: @quiz, action: admin_update_quiz_path } %>

app/views/admin/quiz/new.html.erb

@@ -1,2 +1,4 @@
 <h1>Admin::Quizes#new</h1>
 <p>Find me in app/views/admin/quizes/new.html.erb</p>
+
+<%= render partial: 'form', locals: { quiz: @quiz, action: admin_create_quiz_path } %>

app/views/admin/quiz/view.html.erb

@@ -1,2 +1,7 @@
 <h1>Admin::Quizes#view</h1>
 <p>Find me in app/views/admin/quizes/view.html.erb</p>
+
+<main>
+  <p><%= @quiz.dept %></p>
+  <p><%= @quiz.unit %></p>
+</main>

app/views/admin/user/_form.html.erb

@@ -0,0 +1,7 @@
+<%= form_for user, url: action do |f| %>
+  <p>Name: <%= f.text_field :name %></p>
+  <p>eMail: <%= f.email_field :email %></p>
+  <p>Role: <%= f.text_field :role %></p>
+
+  <%= f.submit %>
+<% end %>

app/views/admin/user/edit.html.erb

@@ -1,2 +1,4 @@
 <h1>Admin::Users#edit</h1>
 <p>Find me in app/views/admin/users/edit.html.erb</p>
+
+<%= render partial: 'form', locals: {user: @user, action: admin_update_user_path  } %>

app/views/admin/user/new.html.erb

@@ -1,2 +1,4 @@
 <h1>Admin::Users#new</h1>
 <p>Find me in app/views/admin/users/new.html.erb</p>
+
+<%= render partial: 'form', locals: {user: @user, action: admin_create_user_path } %>

app/views/admin/user/view.html.erb

@@ -1,2 +1,6 @@
 <h1>Admin::Users#view</h1>
 <p>Find me in app/views/admin/users/view.html.erb</p>
+
+<main>
+  <%= @user.name %>
+</main>