user management

2015-10-20 21:49:59 -05:00 · 2015-10-20 21:49:59 -05:00 · 41ceccc5b5
commit 41ceccc5b5
parent c204389103
17 changed files with 158 additions and 49 deletions
--- a/.rubocop.yml
+++ b/.rubocop.yml
@ -21,6 +21,10 @@ Style/IndentationConsistency:
 Style/MethodDefParentheses:
  Enabled: false
 Style/SingleSpaceBeforeFirstArg:
  Exclude:
    - config/routes.rb
 Style/StringLiterals:
  Enabled: false
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@ -2,7 +2,7 @@ class ApplicationController < ActionController::Base
  # Prevent CSRF attacks by raising an exception.
  # For APIs, you may want to use :null_session instead.
  protect_from_forgery with: :exception
-  before_filter :require_login
+  before_action :require_login
  respond_to :html, :json
  helper :access
--- a/app/controllers/docs_controller.rb
+++ b/app/controllers/docs_controller.rb
@ -1,5 +1,5 @@
 class DocsController < ApplicationController
-  skip_before_filter :require_login
+  skip_before_action :require_login
  def index
    @doc = {
--- a/app/controllers/oauths_controller.rb
+++ b/app/controllers/oauths_controller.rb
@ -1,5 +1,5 @@
 class OauthsController < ApplicationController
-  skip_before_filter :require_login
+  skip_before_action :require_login
  def oauth
    login_at(params[:provider])
--- a/app/controllers/staff_controller.rb
+++ b/app/controllers/staff_controller.rb
@ -1,6 +0,0 @@
 class StaffController < ApplicationController
  def index
    @staff = Person.staff
    respond_with @staff
  end
 end
--- a/app/controllers/users_controller.rb
+++ b/app/controllers/users_controller.rb
@ -1,6 +1,66 @@
 class UsersController < ApplicationController
  def index
-    @users = Person.admins
+    redirect_to root_path, error: "NOT AUTHORIZED" unless verify_admin! current_user
-    respond_with @users
+
    @admins = Person.admins
    @staff = Person.staff
  end
  def new
    redirect_to root_path, error: "NOT AUTHORIZED" unless verify_admin! current_user
    @user = Person.new
  end
  def register
    redirect_to root_path, error: "NOT AUTHORIZED" unless verify_admin! current_user
    @user = Person.create(user_params)
    if @user
      redirect_to :root, notice: 'Success! We will authorize you soon.'
      return
    else
      render :new
    end
  end
  def edit
    redirect_to root_path, error: "NOT AUTHORIZED" unless verify_admin! current_user
    @user = Person.find_by_id(params[:id])
  end
  def show
    redirect_to root_path, error: "NOT AUTHORIZED" unless verify_admin! current_user
    @user = Person.find_by_id(params[:id])
  end
  def update
    redirect_to root_path, error: "NOT AUTHORIZED" unless verify_admin! current_user
    @user = Person.find(params[:id])
    if @user.update(user_params)
      redirect_to user_path(@user), notice: 'Updated!'
    else
      render :edit
    end
  end
  private
    def verify_admin! user
      user && user.admin?
    end
    def user_params
      params.require(:user).permit(
        :first_name,
        :last_name,
        :phone,
        :email,
        :admin,
        :staff
      )
    end
 end
--- a/app/views/layouts/_navigation.html.haml
+++ b/app/views/layouts/_navigation.html.haml
@ -4,5 +4,4 @@
  %li{ class: active_controller('children') }= link_to 'Children', list_children_path
  %li{ class: active_controller('pages') }= link_to 'Pages', list_pages_path
  - if can_edit_user? current_user
    %li{ class: active_controller('staff') }= link_to 'Staff', list_staff_path
    %li{ class: active_controller('users') }= link_to 'Users', list_users_path
--- a/app/views/staff/_sub_nav.html.haml
+++ b/app/views/staff/_sub_nav.html.haml
@ -1 +0,0 @@
 -# %ul.sub-nav
--- a/app/views/staff/index.html.haml
+++ b/app/views/staff/index.html.haml
@ -1,4 +0,0 @@
 %h1 Staff
 %ul
  - @staff.each do |staff|
    %li= staff.name
--- a/app/views/users/_form.html.haml
+++ b/app/views/users/_form.html.haml
@ -0,0 +1,29 @@
 %ul.sub-nav
  %li= link_to 'back', :back
 - if @user.errors.full_messages.any?
  .errors
    %h1 Uh oh!
    - @user.errors.full_messages.each do |e|
      %p= e
 = form_for @user, as: :user, url: form_action do |f|
  = f.label :first_name
  = f.text_field :first_name
  = f.label :last_name
  = f.text_field :last_name
  = f.label :phone
  = f.phone_field :phone
  = f.label :email, 'GMAIL ADDRESS'
  = f.email_field :email
  = f.label :admin
  = f.check_box :admin
  = f.label :staff
  = f.check_box :staff
  = f.submit
--- a/app/views/users/_sub_nav.html.haml
+++ b/app/views/users/_sub_nav.html.haml
@ -1 +1,3 @@
-# %ul.sub-nav
+- if can_create_user? current_user
  %ul.sub-nav
    %li= link_to 'New', new_user_path
--- a/app/views/users/edit.html.haml
+++ b/app/views/users/edit.html.haml
@ -0,0 +1,3 @@
 %h2 Edit #{@user.name}
 = render partial: 'form', locals: {form_action: edit_user_path}
--- a/app/views/users/index.html.haml
+++ b/app/views/users/index.html.haml
@ -1,5 +1,13 @@
-%h1 Users
+%h1 Admins
 %ul.index
  - @admins.each do |user|
    %li.name
      = link_to user.name, user_path(user)
      = edit_btn(edit_user_path(user))
-%ul
+%h1 Staff
-  - @users.each do |user|
+%ul.index
-    %li= user.name
+  - @staff.each do |staff|
    %li.name
      = link_to staff.name, user_path(staff)
      = edit_btn(edit_user_path(staff))
--- a/app/views/users/new.html.haml
+++ b/app/views/users/new.html.haml
@ -0,0 +1,3 @@
 %h2 Register a new User
 = render partial: 'form', locals: {form_action: add_user_path}
--- a/app/views/users/show.html.haml
+++ b/app/views/users/show.html.haml
@ -0,0 +1,16 @@
 %h2= @user.name
 %ul.sub-nav
  %li= link_to 'back', :back
  %li= link_to 'edit', edit_user_path(@user)
 %p Email: #{mail_to(@user.email, nil, encode: 'hex')}
 %p Phone: #{number_to_phone @user.phone} #{page_link(@user)}
 - unless @user.children.empty?
  %p Children:
  %ul
    - @user.children.each do |child|
      %li
        = link_to child.name, child_path(child)
        = link_to 'remove', del_parenthood_path(@user, child), method: :delete
--- a/config/routes.rb
+++ b/config/routes.rb
@ -17,13 +17,16 @@ Rails.application.routes.draw do
  get   'children',       to: 'children#index',  as: :list_children
  get   'child/new',      to: 'children#new',    as: :new_child
  post  'child/new',      to: 'children#add',    as: :add_child
-  get 'childdit/:id', to: 'children#edit', as: :edit_child
+  get   'child/edit/:id', to: 'children#edit',   as: :edit_child
  get   'child/:id',      to: 'children#show',   as: :child
  patch 'child/:id',      to: 'children#update', as: :update_child
  get 'staff', to: 'staff#index', as: :list_staff
  get   'users',         to: 'users#index',    as: :list_users
  get   'user/new',      to: 'users#new',      as: :new_user
  post  'user/new',      to: 'users#register', as: :add_user
  get   'user/edit/:id', to: 'users#edit',     as: :edit_user
  get   'user/:id',      to: 'users#show',     as: :user
  patch 'user/edit/:id', to: 'users#update',   as: :update_user
  get 'pages', to: 'pages#index', as: :list_pages
  get 'page/(:id)', to: 'pages#page', as: :page_person
--- a/test/controllers/staff_controller_test.rb
+++ b/test/controllers/staff_controller_test.rb
@ -1,7 +0,0 @@
 require 'test_helper'
 class StaffControllerTest < ActionController::TestCase
  # test "the truth" do
  #   assert true
  # end
 end
		`@ -0,0 +1,3 @@`
							`%h2 Edit #{@user.name}`

							`= render partial: 'form', locals: {form_action: edit_user_path}`
		`@ -0,0 +1,3 @@`
							`%h2 Register a new User`

							`= render partial: 'form', locals: {form_action: add_user_path}`