From 41ceccc5b54d7dd708ce639e867b7261ffeb30ef Mon Sep 17 00:00:00 2001 From: Mark Moser Date: Tue, 20 Oct 2015 21:49:59 -0500 Subject: [PATCH] user management --- .rubocop.yml | 4 ++ app/controllers/application_controller.rb | 2 +- app/controllers/docs_controller.rb | 2 +- app/controllers/oauths_controller.rb | 2 +- app/controllers/staff_controller.rb | 6 --- app/controllers/users_controller.rb | 64 ++++++++++++++++++++++- app/views/layouts/_navigation.html.haml | 1 - app/views/staff/_sub_nav.html.haml | 1 - app/views/staff/index.html.haml | 4 -- app/views/users/_form.html.haml | 29 ++++++++++ app/views/users/_sub_nav.html.haml | 4 +- app/views/users/edit.html.haml | 3 ++ app/views/users/index.html.haml | 16 ++++-- app/views/users/new.html.haml | 3 ++ app/views/users/show.html.haml | 16 ++++++ config/routes.rb | 43 ++++++++------- test/controllers/staff_controller_test.rb | 7 --- 17 files changed, 158 insertions(+), 49 deletions(-) delete mode 100644 app/controllers/staff_controller.rb delete mode 100644 app/views/staff/_sub_nav.html.haml delete mode 100644 app/views/staff/index.html.haml create mode 100644 app/views/users/_form.html.haml create mode 100644 app/views/users/edit.html.haml create mode 100644 app/views/users/new.html.haml create mode 100644 app/views/users/show.html.haml delete mode 100644 test/controllers/staff_controller_test.rb diff --git a/.rubocop.yml b/.rubocop.yml index d801f02..bf67122 100644 --- a/.rubocop.yml +++ b/.rubocop.yml @@ -21,6 +21,10 @@ Style/IndentationConsistency: Style/MethodDefParentheses: Enabled: false +Style/SingleSpaceBeforeFirstArg: + Exclude: + - config/routes.rb + Style/StringLiterals: Enabled: false diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index f309041..db94b34 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb 
@@ -2,7 +2,7 @@ class ApplicationController < ActionController::Base # Prevent CSRF attacks by raising an exception. # For APIs, you may want to use :null_session instead. protect_from_forgery with: :exception - before_filter :require_login + before_action :require_login respond_to :html, :json helper :access diff --git a/app/controllers/docs_controller.rb b/app/controllers/docs_controller.rb index a743a10..d19d2f0 100644 --- a/app/controllers/docs_controller.rb +++ b/app/controllers/docs_controller.rb @@ -1,5 +1,5 @@ class DocsController < ApplicationController - skip_before_filter :require_login + skip_before_action :require_login def index @doc = { diff --git a/app/controllers/oauths_controller.rb b/app/controllers/oauths_controller.rb index b9388f1..299dde0 100644 --- a/app/controllers/oauths_controller.rb +++ b/app/controllers/oauths_controller.rb @@ -1,5 +1,5 @@ class OauthsController < ApplicationController - skip_before_filter :require_login + skip_before_action :require_login def oauth login_at(params[:provider]) diff --git a/app/controllers/staff_controller.rb b/app/controllers/staff_controller.rb deleted file mode 100644 index 5a7961b..0000000 --- a/app/controllers/staff_controller.rb +++ /dev/null @@ -1,6 +0,0 @@ -class StaffController < ApplicationController - def index - @staff = Person.staff - respond_with @staff - end -end diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb index 3334efd..ebb5741 100644 --- a/app/controllers/users_controller.rb +++ b/app/controllers/users_controller.rb 
@@ -1,6 +1,66 @@ class UsersController < ApplicationController def index - @users = Person.admins - respond_with @users + redirect_to root_path, error: "NOT AUTHORIZED" unless verify_admin! current_user + + @admins = Person.admins + @staff = Person.staff end + + def new + redirect_to root_path, error: "NOT AUTHORIZED" unless verify_admin! current_user + + @user = Person.new + end + + def register + redirect_to root_path, error: "NOT AUTHORIZED" unless verify_admin! current_user + + @user = Person.create(user_params) + if @user + redirect_to :root, notice: 'Success! We will authorize you soon.' + return + else + render :new + end + end + + def edit + redirect_to root_path, error: "NOT AUTHORIZED" unless verify_admin! current_user + + @user = Person.find_by_id(params[:id]) + end + + def show + redirect_to root_path, error: "NOT AUTHORIZED" unless verify_admin! current_user + + @user = Person.find_by_id(params[:id]) + end + + def update + redirect_to root_path, error: "NOT AUTHORIZED" unless verify_admin! current_user + + @user = Person.find(params[:id]) + if @user.update(user_params) + redirect_to user_path(@user), notice: 'Updated!' + else + render :edit + end + end + + private + + def verify_admin! user + user && user.admin? + end + + def user_params + params.require(:user).permit( + :first_name, + :last_name, + :phone, + :email, + :admin, + :staff + ) + end end diff --git a/app/views/layouts/_navigation.html.haml b/app/views/layouts/_navigation.html.haml index b333b9d..8b54f91 100644 --- a/app/views/layouts/_navigation.html.haml +++ b/app/views/layouts/_navigation.html.haml @@ -4,5 +4,4 @@ %li{ class: active_controller('children') }= link_to 'Children', list_children_path %li{ class: active_controller('pages') }= link_to 'Pages', list_pages_path - if can_edit_user? current_user - %li{ class: active_controller('staff') }= link_to 'Staff', list_staff_path %li{ class: active_controller('users') }= link_to 'Users', list_users_path 
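Review bot: The admin check repeated at the top of every `UsersController` action (`redirect_to root_path, error: "NOT AUTHORIZED" unless verify_admin! current_user`) does not stop the action, because `redirect_to` does not return from the method. In `register` and `update`, `Person.create(user_params)` and `@user.update(user_params)` therefore still run for a logged-in non-admin, and `user_params` permits `:admin` and `:staff`, so the write the check is meant to block happens before the second `redirect_to` raises a double-render error. Moving the check into a `before_action` that redirects halts the callback chain before any action body runs. Separately, `Person.create` returns the object even when validation fails, so `if @user` in `register` is always true and `render :new` is unreachable; `Person.new` followed by `save` fixes that. As far as I know `error:` is not a flash key `redirect_to` accepts unless it is registered with `add_flash_types` (not visible in this patch), so `alert:` is the safer choice.

```ruby
class UsersController < ApplicationController
  before_action :require_admin

  # … unchanged: index, new, edit, show, update, each without its per-action redirect_to line …

  def register
    @user = Person.new(user_params)
    if @user.save
      redirect_to :root, notice: 'Success! We will authorize you soon.'
    else
      render :new
    end
  end

  private

  # A redirect inside a before_action halts the chain, so the action body never runs.
  def require_admin
    return if verify_admin! current_user

    redirect_to root_path, alert: "NOT AUTHORIZED"
  end

  # … unchanged: verify_admin!, user_params …
```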
diff --git a/app/views/staff/_sub_nav.html.haml b/app/views/staff/_sub_nav.html.haml deleted file mode 100644 index 55e946f..0000000 --- a/app/views/staff/_sub_nav.html.haml +++ /dev/null @@ -1 +0,0 @@ --# %ul.sub-nav diff --git a/app/views/staff/index.html.haml b/app/views/staff/index.html.haml deleted file mode 100644 index 8f0780b..0000000 --- a/app/views/staff/index.html.haml +++ /dev/null @@ -1,4 +0,0 @@ -%h1 Staff -%ul - - @staff.each do |staff| - %li= staff.name diff --git a/app/views/users/_form.html.haml b/app/views/users/_form.html.haml new file mode 100644 index 0000000..ecaa2e2 --- /dev/null +++ b/app/views/users/_form.html.haml @@ -0,0 +1,29 @@ +%ul.sub-nav + %li= link_to 'back', :back + +- if @user.errors.full_messages.any? + .errors + %h1 Uh oh! + - @user.errors.full_messages.each do |e| + %p= e + += form_for @user, as: :user, url: form_action do |f| + = f.label :first_name + = f.text_field :first_name + + = f.label :last_name + = f.text_field :last_name + + = f.label :phone + = f.phone_field :phone + + = f.label :email, 'GMAIL ADDRESS' + = f.email_field :email + + = f.label :admin + = f.check_box :admin + + = f.label :staff + = f.check_box :staff + + = f.submit diff --git a/app/views/users/_sub_nav.html.haml b/app/views/users/_sub_nav.html.haml index 55e946f..128a811 100644 --- a/app/views/users/_sub_nav.html.haml +++ b/app/views/users/_sub_nav.html.haml @@ -1 +1,3 @@ --# %ul.sub-nav +- if can_create_user? current_user + %ul.sub-nav + %li= link_to 'New', new_user_path diff --git a/app/views/users/edit.html.haml b/app/views/users/edit.html.haml new file mode 100644 index 0000000..36fce4c --- /dev/null +++ b/app/views/users/edit.html.haml @@ -0,0 +1,3 @@ +%h2 Edit #{@user.name} + += render partial: 'form', locals: {form_action: edit_user_path} diff --git a/app/views/users/index.html.haml b/app/views/users/index.html.haml index 551426d..fadf3f6 100644 --- a/app/views/users/index.html.haml +++ b/app/views/users/index.html.haml 
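Review bot: The `New` link in `users/_sub_nav.html.haml` is gated on `can_create_user? current_user`, while the controller actions it leads to check `verify_admin!` and the main navigation uses `can_edit_user?`. Those helpers are defined outside this patch, so I cannot tell whether they agree; if they differ, a user may be shown a link that only redirects them, or be allowed through without seeing it. I would use one predicate for both the view and the controller, and add a comment above the `- if` line such as `-# must match the admin check in UsersController`.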
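Review bot: `form_action: edit_user_path` in `users/edit.html.haml` is called without a record, so the URL depends on Rails filling `:id` from the current request, and it names the edit route although the form submits to `users#update`. It works only because `edit_user` and `update_user` share the path `user/edit/:id` in `config/routes.rb`. I would write `locals: {form_action: update_user_path(@user)}` so the form target survives a later route change.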
@@ -1,5 +1,13 @@ -%h1 Users +%h1 Admins +%ul.index + - @admins.each do |user| + %li.name + = link_to user.name, user_path(user) + = edit_btn(edit_user_path(user)) -%ul - - @users.each do |user| - %li= user.name +%h1 Staff +%ul.index + - @staff.each do |staff| + %li.name + = link_to staff.name, user_path(staff) + = edit_btn(edit_user_path(staff)) diff --git a/app/views/users/new.html.haml b/app/views/users/new.html.haml new file mode 100644 index 0000000..8ed0b55 --- /dev/null +++ b/app/views/users/new.html.haml @@ -0,0 +1,3 @@ +%h2 Register a new User + += render partial: 'form', locals: {form_action: add_user_path} diff --git a/app/views/users/show.html.haml b/app/views/users/show.html.haml new file mode 100644 index 0000000..30f5c6a --- /dev/null +++ b/app/views/users/show.html.haml @@ -0,0 +1,16 @@ +%h2= @user.name + +%ul.sub-nav + %li= link_to 'back', :back + %li= link_to 'edit', edit_user_path(@user) + +%p Email: #{mail_to(@user.email, nil, encode: 'hex')} +%p Phone: #{number_to_phone @user.phone} #{page_link(@user)} + +- unless @user.children.empty? + %p Children: + %ul + - @user.children.each do |child| + %li + = link_to child.name, child_path(child) + = link_to 'remove', del_parenthood_path(@user, child), method: :delete diff --git a/config/routes.rb b/config/routes.rb index fd4e26b..54aba11 100644 --- a/config/routes.rb +++ b/config/routes.rb 
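Review bot: The `remove` link in `users/show.html.haml` issues a `DELETE` to `del_parenthood_path` on a single click with no confirmation; `= link_to 'remove', del_parenthood_path(@user, child), method: :delete, data: { confirm: 'Remove this child?' }` would guard against accidental removal. The template also calls `@user.name` and `@user.children` unconditionally, while `UsersController#show` loads the record with `Person.find_by_id(params[:id])`, which returns nil for an unknown id. Using `Person.find(params[:id])`, as `update` already does, would give a 404 instead of a template error.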
@@ -1,29 +1,32 @@ Rails.application.routes.draw do - post 'oauth/callback', to: 'oauths#callback' - get 'oauth/callback', to: 'oauths#callback' - get 'oauth/:provider', to: 'oauths#oauth', as: :auth_at_provider + post 'oauth/callback', to: 'oauths#callback' + get 'oauth/callback', to: 'oauths#callback' + get 'oauth/:provider', to: 'oauths#oauth', as: :auth_at_provider - get 'parents', to: 'parents#index', as: :list_parents - get 'parent/new', to: 'parents#new', as: :new_parent - post 'parent/new', to: 'parents#add', as: :add_parent - get 'parent/edit/:id', to: 'parents#edit', as: :edit_parent - get 'parent/:id', to: 'parents#show', as: :parent - patch 'parent/:id', to: 'parents#update', as: :update_parent + get 'parents', to: 'parents#index', as: :list_parents + get 'parent/new', to: 'parents#new', as: :new_parent + post 'parent/new', to: 'parents#add', as: :add_parent + get 'parent/edit/:id', to: 'parents#edit', as: :edit_parent + get 'parent/:id', to: 'parents#show', as: :parent + patch 'parent/:id', to: 'parents#update', as: :update_parent - post 'parenthood/child/:child', to: 'relationships#add_child', as: :add_parent_to_child - post 'parenthood/:parent/', to: 'relationships#add_child', as: :add_parenthood + post 'parenthood/child/:child', to: 'relationships#add_child', as: :add_parent_to_child + post 'parenthood/:parent/', to: 'relationships#add_child', as: :add_parenthood delete 'parenthood/:parent/:child', to: 'relationships#del_child', as: :del_parenthood - get 'children', to: 'children#index', as: :list_children - get 'child/new', to: 'children#new', as: :new_child - post 'child/new', to: 'children#add', as: :add_child - get 'childdit/:id', to: 'children#edit', as: :edit_child - get 'child/:id', to: 'children#show', as: :child - patch 'child/:id', to: 'children#update', as: :update_child + get 'children', to: 'children#index', as: :list_children + get 'child/new', to: 'children#new', as: :new_child + post 'child/new', to: 'children#add', as: :add_child + 
get 'child/edit/:id', to: 'children#edit', as: :edit_child + get 'child/:id', to: 'children#show', as: :child + patch 'child/:id', to: 'children#update', as: :update_child - get 'staff', to: 'staff#index', as: :list_staff - - get 'users', to: 'users#index', as: :list_users + get 'users', to: 'users#index', as: :list_users + get 'user/new', to: 'users#new', as: :new_user + post 'user/new', to: 'users#register', as: :add_user + get 'user/edit/:id', to: 'users#edit', as: :edit_user + get 'user/:id', to: 'users#show', as: :user + patch 'user/edit/:id', to: 'users#update', as: :update_user get 'pages', to: 'pages#index', as: :list_pages get 'page/(:id)', to: 'pages#page', as: :page_person diff --git a/test/controllers/staff_controller_test.rb b/test/controllers/staff_controller_test.rb deleted file mode 100644 index 4af47bf..0000000 --- a/test/controllers/staff_controller_test.rb +++ /dev/null @@ -1,7 +0,0 @@ -require 'test_helper' - -class StaffControllerTest < ActionController::TestCase - # test "the truth" do - # assert true - # end -end
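Review bot: The new `update_user` route is `patch 'user/edit/:id'`, whereas the existing `update_parent` and `update_child` routes patch `parent/:id` and `child/:id`. I would make it `patch 'user/:id', to: 'users#update', as: :update_user` to keep the three resources parallel; `users/edit.html.haml` currently passes `edit_user_path` as the form action, so it would have to switch to `update_user_path(@user)` in the same change. All six user routes reach actions that expose or change admin and staff accounts, so a comment above them such as `# admin-only: enforced in UsersController` would tell the next reader where the restriction lives. The `routes.draw` block continues outside this hunk.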