user management

Mark Moser 2015-10-20 21:49:59 -05:00
parent c204389103
commit 41ceccc5b5
17 changed files with 158 additions and 49 deletions


@ -21,6 +21,10 @@ Style/IndentationConsistency:
Style/MethodDefParentheses: Style/MethodDefParentheses:
Enabled: false Enabled: false
Style/SingleSpaceBeforeFirstArg:
Exclude:
- config/routes.rb
Style/StringLiterals: Style/StringLiterals:
Enabled: false Enabled: false


@ -2,7 +2,7 @@ class ApplicationController < ActionController::Base
# Prevent CSRF attacks by raising an exception. # Prevent CSRF attacks by raising an exception.
# For APIs, you may want to use :null_session instead. # For APIs, you may want to use :null_session instead.
protect_from_forgery with: :exception protect_from_forgery with: :exception
before_filter :require_login before_action :require_login
respond_to :html, :json respond_to :html, :json
helper :access helper :access


@ -1,5 +1,5 @@
class DocsController < ApplicationController class DocsController < ApplicationController
skip_before_filter :require_login skip_before_action :require_login
def index def index
@doc = { @doc = {


@ -1,5 +1,5 @@
class OauthsController < ApplicationController class OauthsController < ApplicationController
skip_before_filter :require_login skip_before_action :require_login
def oauth def oauth
login_at(params[:provider]) login_at(params[:provider])


@ -1,6 +0,0 @@
class StaffController < ApplicationController
def index
@staff = Person.staff
respond_with @staff
end
end


@ -1,6 +1,66 @@
class UsersController < ApplicationController class UsersController < ApplicationController
def index def index
@users = Person.admins redirect_to root_path, error: "NOT AUTHORIZED" unless verify_admin! current_user
respond_with @users
@admins = Person.admins
@staff = Person.staff
end
def new
redirect_to root_path, error: "NOT AUTHORIZED" unless verify_admin! current_user
@user = Person.new
end
def register
redirect_to root_path, error: "NOT AUTHORIZED" unless verify_admin! current_user
@user = Person.create(user_params)
if @user
redirect_to :root, notice: 'Success! We will authorize you soon.'
return
else
render :new
end
end
def edit
redirect_to root_path, error: "NOT AUTHORIZED" unless verify_admin! current_user
@user = Person.find_by_id(params[:id])
end
def show
redirect_to root_path, error: "NOT AUTHORIZED" unless verify_admin! current_user
@user = Person.find_by_id(params[:id])
end
def update
redirect_to root_path, error: "NOT AUTHORIZED" unless verify_admin! current_user
@user = Person.find(params[:id])
if @user.update(user_params)
redirect_to user_path(@user), notice: 'Updated!'
else
render :edit
end
end
private
def verify_admin! user
user && user.admin?
end
def user_params
params.require(:user).permit(
:first_name,
:last_name,
:phone,
:email,
:admin,
:staff
)
end end
end end
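Review bot: `redirect_to` does not stop the action, so in `register` and `update` the `Person.create(user_params)` and `@user.update(user_params)` calls still run for a caller who fails `verify_admin!`; because `user_params` permits `:admin` and `:staff`, a non-admin can create accounts or grant admin before the second redirect raises. Move the check into a `before_action` that performs the redirect (a redirect inside a callback halts the chain) and drop the per-action lines, as in the excerpt below. Separately, `Person.create` returns the record even when validation fails, so `if @user` in `register` is always true; `if @user.persisted?` would let the `render :new` branch run. `error:` is also not one of Rails' default flash types (`notice`, `alert`), so unless `add_flash_types :error` is declared elsewhere the message is probably dropped.

```ruby
class UsersController < ApplicationController
  before_action :require_admin

  # … unchanged: index, new, register, edit, show, update (without the per-action redirect lines) …

  private

  # Redirecting inside a before_action halts the chain, so the action body never runs.
  def require_admin
    return if verify_admin! current_user

    redirect_to root_path, error: "NOT AUTHORIZED"
  end

  # … unchanged: verify_admin!, user_params …
```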


@ -4,5 +4,4 @@
%li{ class: active_controller('children') }= link_to 'Children', list_children_path %li{ class: active_controller('children') }= link_to 'Children', list_children_path
%li{ class: active_controller('pages') }= link_to 'Pages', list_pages_path %li{ class: active_controller('pages') }= link_to 'Pages', list_pages_path
- if can_edit_user? current_user - if can_edit_user? current_user
%li{ class: active_controller('staff') }= link_to 'Staff', list_staff_path
%li{ class: active_controller('users') }= link_to 'Users', list_users_path %li{ class: active_controller('users') }= link_to 'Users', list_users_path


@ -1 +0,0 @@
-# %ul.sub-nav


@ -1,4 +0,0 @@
%h1 Staff
%ul
- @staff.each do |staff|
%li= staff.name


@ -0,0 +1,29 @@
%ul.sub-nav
%li= link_to 'back', :back
- if @user.errors.full_messages.any?
.errors
%h1 Uh oh!
- @user.errors.full_messages.each do |e|
%p= e
= form_for @user, as: :user, url: form_action do |f|
= f.label :first_name
= f.text_field :first_name
= f.label :last_name
= f.text_field :last_name
= f.label :phone
= f.phone_field :phone
= f.label :email, 'GMAIL ADDRESS'
= f.email_field :email
= f.label :admin
= f.check_box :admin
= f.label :staff
= f.check_box :staff
= f.submit


@ -1 +1,3 @@
-# %ul.sub-nav - if can_create_user? current_user
%ul.sub-nav
%li= link_to 'New', new_user_path


@ -0,0 +1,3 @@
%h2 Edit #{@user.name}
= render partial: 'form', locals: {form_action: edit_user_path}
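Review bot: `edit_user_path` is called without a record, so the form's target only resolves because Rails reuses the `:id` of the current request, and it points at the route named for the edit page rather than the `update_user` route this commit adds for the same PATCH. Passing the record explicitly, `locals: {form_action: update_user_path(@user)}`, makes the target independent of the page the partial is rendered from. The routes file is outside this section, so the helper name is taken from the routes hunk on this page.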


@ -1,5 +1,13 @@
%h1 Users %h1 Admins
%ul.index
- @admins.each do |user|
%li.name
= link_to user.name, user_path(user)
= edit_btn(edit_user_path(user))
%ul %h1 Staff
- @users.each do |user| %ul.index
%li= user.name - @staff.each do |staff|
%li.name
= link_to staff.name, user_path(staff)
= edit_btn(edit_user_path(staff))


@ -0,0 +1,3 @@
%h2 Register a new User
= render partial: 'form', locals: {form_action: add_user_path}


@ -0,0 +1,16 @@
%h2= @user.name
%ul.sub-nav
%li= link_to 'back', :back
%li= link_to 'edit', edit_user_path(@user)
%p Email: #{mail_to(@user.email, nil, encode: 'hex')}
%p Phone: #{number_to_phone @user.phone} #{page_link(@user)}
- unless @user.children.empty?
%p Children:
%ul
- @user.children.each do |child|
%li
= link_to child.name, child_path(child)
= link_to 'remove', del_parenthood_path(@user, child), method: :delete


@ -17,13 +17,16 @@ Rails.application.routes.draw do
get 'children', to: 'children#index', as: :list_children get 'children', to: 'children#index', as: :list_children
get 'child/new', to: 'children#new', as: :new_child get 'child/new', to: 'children#new', as: :new_child
post 'child/new', to: 'children#add', as: :add_child post 'child/new', to: 'children#add', as: :add_child
get 'childdit/:id', to: 'children#edit', as: :edit_child get 'child/edit/:id', to: 'children#edit', as: :edit_child
get 'child/:id', to: 'children#show', as: :child get 'child/:id', to: 'children#show', as: :child
patch 'child/:id', to: 'children#update', as: :update_child patch 'child/:id', to: 'children#update', as: :update_child
get 'staff', to: 'staff#index', as: :list_staff
get 'users', to: 'users#index', as: :list_users get 'users', to: 'users#index', as: :list_users
get 'user/new', to: 'users#new', as: :new_user
post 'user/new', to: 'users#register', as: :add_user
get 'user/edit/:id', to: 'users#edit', as: :edit_user
get 'user/:id', to: 'users#show', as: :user
patch 'user/edit/:id', to: 'users#update', as: :update_user
get 'pages', to: 'pages#index', as: :list_pages get 'pages', to: 'pages#index', as: :list_pages
get 'page/(:id)', to: 'pages#page', as: :page_person get 'page/(:id)', to: 'pages#page', as: :page_person


@ -1,7 +0,0 @@
require 'test_helper'
class StaffControllerTest < ActionController::TestCase
# test "the truth" do
# assert true
# end
end