admin controller tests, sans question

app/controllers/admin/auth_controller.rb

@@ -1,12 +1,25 @@
 module Admin
   class AuthController < AdminController
+    skip_before_action :authorize_admin
+
     def login
     end
 
     def auth
+      admin = User.find_by(email: auth_params[:email], role: 'admin')
+
+      if admin && admin.authenticate(auth_params[:password])
+        session[:user] = admin.to_i
+        redirect_to admin_path
+      else
+        redirect_to admin_login_path,
+                    flash: { error: "Sorry, incorrect email or password. Please try again." }
+      end
     end
 
     def logout
+      reset_session
+      redirect_to admin_login_path
     end
   end
 end

app/controllers/admin/quiz_controller.rb

@@ -1,21 +1,48 @@
 module Admin
   class QuizController < AdminController
     def index
+      @quizzes = Quiz.all
     end
 
     def new
+      @quiz = Quiz.new
     end
 
     def create
+      @quiz = Quiz.create(quiz_params)
+
+      if @quiz.persisted?
+        redirect_to admin_quizzes_path, flash: { notice: "Sucessfully created quiz" }
+      else
+        flash[:error] = "Failed to save quiz."
+        render :new
+      end
     end
 
     def view
+      @quiz = Quiz.find(params[:quiz_id])
     end
 
     def edit
+      @quiz = Quiz.find(params[:quiz_id])
     end
 
     def update
+      @quiz = Quiz.find(params[:quiz_id])
+
+      if @quiz.update_attributes(quiz_params)
+        redirect_to admin_quiz_path(@quiz.to_i),
+                    flash: { notice: "Sucessfully updated quiz" }
+      else
+        flash[:error] = "Failed to update quiz."
+        render :edit
+      end
     end
+
+    private
+
+      def quiz_params
+        params.require(:quiz).permit(:dept, :unit)
+      end
   end
 end

app/controllers/admin/user_controller.rb

@@ -1,21 +1,50 @@
 module Admin
   class UserController < AdminController
     def index
+      @users = User.order(:name)
     end
 
     def new
+      @user = User.new
     end
 
     def create
+      default_passwd = SecureRandom.urlsafe_base64(12)
+      @user = User.create({ password: default_passwd }.merge(user_params.to_h))
+
+      if @user.persisted?
+        # TODO: UserMailer.welcome(@user, default_passwd).deliver_now
+        redirect_to admin_users_path, flash: { notice: "Sucessfully created user #{@user.name}" }
+      else
+        flash[:error] = "Failed to save user."
+        render :new
+      end
     end
 
     def view
+      @user = User.find(params[:user_id])
     end
 
     def edit
+      @user = User.find(params[:user_id])
     end
 
     def update
+      @user = User.find(params[:user_id])
+
+      if @user.update_attributes(user_params)
+        redirect_to admin_user_path(@user.to_i),
+                    flash: { notice: "Sucessfully updated #{@user.name}" }
+      else
+        flash[:error] = "Failed to update user."
+        render :edit
+      end
     end
+
+    private
+
+      def user_params
+        params.require(:user).permit(:name, :email, :role, :password)
+      end
   end
 end