dashboard controller
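--- a/app/controllers/admin/dashboard_controller.rb
+++ b/app/controllers/admin/dashboard_controller.rb
@@ -0,0 +1,10 @@
+# frozen_string_literal: true
+module Admin
+class DashboardController < AdminController
+def show
+authorize :dashboard
+@quizzes = policy_scope Quiz.includes(:questions).all
+@users = policy_scope User.order(:role, :name)
+end
+end
+end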
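Review bot: `show` calls `policy_scope` on both relations but nothing verifies that it keeps doing so: the `after_action :verify_policy_scoped, only: :index` that the AdminController hunk below appears to relocate does not cover `show`, so a later edit that drops `policy_scope` here would render unscoped Quiz and User lists without any failure. Add `after_action :verify_policy_scoped, only: :show` to this controller (or widen the AdminController callback if its other show actions also scope). The two assignments also read more clearly with parentheses, `@quizzes = policy_scope(Quiz.includes(:questions).all)`, and a one-line comment above `show` noting that per-section visibility is decided in the view via `policy(Quiz).index?` / `policy(User).index?` would record why `@users` is loaded for every role.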
@ -4,17 +4,10 @@ class AdminController < ApplicationController
|
||||
layout 'admin'
|
||||
before_action :authorize_user
|
||||
|
||||
after_action :verify_authorized, except: :index
|
||||
after_action :verify_policy_scoped, only: :index
|
||||
|
||||
rescue_from Pundit::NotAuthorizedError, with: :user_not_authorized
|
||||
|
||||
# TODO: move to DashboardController#index
|
||||
def dashboard
|
||||
authorize :admin, :dashboard?
|
||||
@quizzes = Quiz.includes(:questions).all
|
||||
@users = User.order(:role, :name)
|
||||
end
|
||||
after_action :verify_authorized, except: :index
|
||||
after_action :verify_policy_scoped, only: :index
|
||||
|
||||
def current_user
|
||||
@current_user ||= User.find_by(id: session[:user]) if session[:user]
|
||||
|
@ -15,22 +15,19 @@ class User < ApplicationRecord
|
||||
save
|
||||
end
|
||||
|
||||
# TODO: move to mixin: UserRoles
|
||||
# Roles
|
||||
def admin?
|
||||
'admin' == role
|
||||
end
|
||||
|
||||
# TODO: move to mixin: UserRoles
|
||||
def manager?
|
||||
%w(admin manager).include? role
|
||||
end
|
||||
|
||||
# TODO: move to mixin: UserRoles
|
||||
def recruiter?
|
||||
'recruiter' == role
|
||||
end
|
||||
|
||||
# TODO: move to mixin: UserRoles
|
||||
def reviewer?
|
||||
'reviewer' == role
|
||||
end
|
||||
|
@ -1,31 +0,0 @@
|
||||
# frozen_string_literal: true
|
||||
class AdminPolicy < Struct.new(:user, :dashboard)
|
||||
attr_reader :user, :record
|
||||
|
||||
def initialize(user, record)
|
||||
raise Pundit::NotAuthorizedError, "Must be logged in." unless user
|
||||
@user = user
|
||||
@record = record
|
||||
end
|
||||
|
||||
def dashboard?
|
||||
true
|
||||
end
|
||||
|
||||
def scope
|
||||
Pundit.policy_scope!(user, record.class)
|
||||
end
|
||||
|
||||
class Scope
|
||||
attr_reader :user, :scope
|
||||
|
||||
def initialize(user, scope)
|
||||
@user = user
|
||||
@scope = scope
|
||||
end
|
||||
|
||||
def resolve
|
||||
scope
|
||||
end
|
||||
end
|
||||
end
|
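--- a/app/policies/dashboard_policy.rb
+++ b/app/policies/dashboard_policy.rb
@@ -0,0 +1,14 @@
+# frozen_string_literal: true
+class DashboardPolicy < Struct.new(:user, :dashboard)
+attr_reader :user, :record
+
+def initialize(user, record)
+raise Pundit::NotAuthorizedError, "Must be logged in." unless user
+@user = user
+@record = record
+end
+
+def show?
+true
+end
+end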
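Review bot: `DashboardPolicy` inherits from `Struct.new(:user, :dashboard)` but overrides `initialize` without calling `super` and redeclares `attr_reader :user, :record`, so the Struct members are never populated and the `:dashboard` member is unused — the superclass contributes nothing except a shadowed `user` accessor. The other policies touched by this commit (`QuizPolicy`, `UserPolicy`) derive from `ApplicationPolicy`; a plain `class DashboardPolicy` with the same `initialize`, or `< ApplicationPolicy` if its constructor already rejects a nil user, would be consistent and clearer. `show?` returning `true` means every signed-in role reaches the dashboard; a comment such as `# Any signed-in user may open the dashboard; each section is gated in the view via policy(Model).index?` would make that deliberate rather than accidental.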
@ -6,6 +6,10 @@ class QuizPolicy < ApplicationPolicy
|
||||
# Reviewers can view any quiz they are linked to
|
||||
# Recruiters can only list quiz names (for candidate assignments)
|
||||
|
||||
def index?
|
||||
true
|
||||
end
|
||||
|
||||
def view?
|
||||
return true if user.admin? || user.manager?
|
||||
user.quizzes.include? record
|
||||
|
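Review bot: The new `index?` returns `true` for every role, including recruiters, whom the comment directly above limits to listing quiz names; the dashboard view added in this commit uses `policy(Quiz).index?` to decide whether to render `admin/quiz/table_list`, so if that partial shows more than names the change widens what recruiters see. If that is intended, update the comment above; otherwise return `user.admin? || user.manager?` here, or make sure `QuizPolicy::Scope` (not in this hunk) narrows the rows recruiters receive. The enclosing class continues outside the hunk.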
@ -5,6 +5,10 @@ class UserPolicy < ApplicationPolicy
|
||||
# Only Admins can view, create, or update, users
|
||||
# All other users can only access themselves (profile interface)
|
||||
|
||||
def index?
|
||||
user.admin?
|
||||
end
|
||||
|
||||
def view?
|
||||
user.admin? || user == record
|
||||
end
|
||||
@ -25,7 +29,7 @@ class UserPolicy < ApplicationPolicy
|
||||
class Scope < Scope
|
||||
def resolve
|
||||
return scope if user.admin?
|
||||
raise Pundit::NotAuthorizedError, "No access to resource."
|
||||
scope.where(id: user.id)
|
||||
end
|
||||
end
|
||||
end
|
||||
|
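Review bot: The rendered hunk has lost its +/- markers, so it is unclear whether `raise Pundit::NotAuthorizedError, "No access to resource."` or `scope.where(id: user.id)` is the new line in `resolve`; the two cannot both be live. If the `raise` survives, the `where` line is unreachable and `policy_scope User` in the new `DashboardController#show` will raise for every non-admin, turning the whole dashboard into an authorization failure instead of merely hiding the Users section. If `scope.where(id: user.id)` is the new line, a short comment would help the next reader: `# Non-admins see only their own record; listing others is refused by index?`.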
@ -1,15 +0,0 @@
|
||||
<%
|
||||
content_for :section_title, "Admin Dashboard"
|
||||
%>
|
||||
|
||||
<section>
|
||||
<h1>Quizzes</h1>
|
||||
<%= render partial: 'admin/quiz/table_list', locals: { quizzes: @quizzes } %>
|
||||
<%= link_to('New Quiz', admin_new_quiz_path, { class: 'btn' }) %>
|
||||
</section>
|
||||
|
||||
<section>
|
||||
<h1>Users</h1>
|
||||
<%= render partial: 'admin/user/table_list', locals: { users: @users } %>
|
||||
<%= link_to('New User', admin_new_user_path, { class: 'btn' }) %>
|
||||
</section>
|
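--- a/app/views/admin/dashboard/show.html.erb
+++ b/app/views/admin/dashboard/show.html.erb
@@ -0,0 +1,35 @@
+<%
+content_for :section_title, "Admin Dashboard"
+%>
+
+<pre>
+## Admin
+Users | Dept/Unit | Quizzes | Candidates | Results | Profile | Logout
+
+## Manager
+Quizzes | Results | Profile | Logout
+
+## Recruiter
+Results | Profile | Logout
+
+## Reviewer
+Candidates | Profile | Logout
+</pre>
+
+<% if policy(Quiz).index? %>
+<section>
+<h1>Quizzes</h1>
+<%= render partial: 'admin/quiz/table_list', locals: { quizzes: @quizzes } %>
+<%= link_to('New Quiz', admin_new_quiz_path, { class: 'btn' }) %>
+</section>
+<% end %>
+
+<% if policy(User).index? %>
+<section>
+<h1>Users</h1>
+<%= render partial: 'admin/user/table_list', locals: { users: @users } %>
+<%= link_to('New User', admin_new_user_path, { class: 'btn' }) %>
+</section>
+<% end %>
+
+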
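Review bot: The `<pre>` block listing per-role navigation (`## Admin` through `Candidates | Profile | Logout`) reads as a design sketch rather than page content, yet it is rendered to every user who reaches the dashboard; move it into an ERB comment (`<%# ... %>`) or a design note outside the view. The `New Quiz` link is shown to anyone passing `policy(Quiz).index?`, which the QuizPolicy hunk makes true for all roles, while creating a quiz is presumably governed by a different policy method; gate the link on that instead, e.g. `<%= link_to('New Quiz', admin_new_quiz_path, { class: 'btn' }) if policy(Quiz).new? %>`, and `New User` likewise with `policy(User).new?` — assuming `ApplicationPolicy` (not visible here) provides `new?`/`create?`. Hiding the link is only presentation; the corresponding controller actions still need their own `authorize` call.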