Added ability to change user roles in admin/users index

2024-09-18 10:42:12 +02:00
parent ace50699fb
commit a169b8fae8
6 changed files with 35 additions and 15 deletions
--- a/app/controllers/admin/users_controller.rb
+++ b/app/controllers/admin/users_controller.rb
@@ -1,6 +1,6 @@
 class Admin::UsersController < ApplicationController
+  before_action :set_user, only: [ :show, :update ]
  before_action :authorize!
-  before_action :set_user, only: [ :show, :edit ]

  def index
    @users = User.all.order(:lastname, :firstname)
@@ -20,6 +20,14 @@ class Admin::UsersController < ApplicationController
  end

  def update
+    authorize! @user
+    if @user.update(user_params)
+      respond_to do |format|
+        format.html { redirect_to admin_users_path }
+      end
+    else
+        render :index, status: :unprocessable_entity
+    end
  end

  private
@@ -27,4 +35,8 @@ class Admin::UsersController < ApplicationController
  def set_user
    @user = User.find(params[:id])
  end
+
+  def user_params
+    params.require(:user).permit(:role)
+  end
 end
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -23,6 +23,8 @@ class User < ApplicationRecord

  normalizes :email, with: -> { _1.strip.downcase }

+  AVAILABLE_ROLES = [ :user, :operator, :admin ]
+
  enum :role, {
    user: "user",
    operator: "operator",
--- a/app/policies/admin/user_policy.rb
+++ b/app/policies/admin/user_policy.rb
@@ -1,2 +1,7 @@
 class Admin::UserPolicy < ApplicationPolicy
+  skip_pre_check :allow_admins, only: :change_role?
+
+  def change_role?
+    user.admin? and user != record
+  end
 end
--- a/app/policies/application_policy.rb
+++ b/app/policies/application_policy.rb
@@ -1,6 +1,6 @@
 # Base class for application policies
 class ApplicationPolicy < ActionPolicy::Base
-  pre_check :allow_admins, :only_verified_users
+  pre_check :allow_admins, :deny_verified_users

  # admin is good! :)
  def allow_admins
@@ -8,7 +8,7 @@ class ApplicationPolicy < ActionPolicy::Base
  end

  # no email verification no rights
-  def only_verified_users
+  def deny_verified_users
    deny! unless user.verified?
  end

--- a/app/views/admin/users/_user_tr.html.erb
+++ b/app/views/admin/users/_user_tr.html.erb
@@ -25,15 +25,17 @@
      </span>
    </td>
    <td class="flex justify-center p-2 py-3 space-x-2">
-      <%= link_to do %>
-        <span class="block bg-gray-300 badge w-28 hover:bg-role-user-light hover:texft-black">User</span>
-      <% end unless user.user? %>
-      <%= link_to do %>
-        <span class="block bg-gray-300 badge w-28 hover:bg-role-operator-light hover:texft-black">Operator</span>
-      <% end unless user.operator? %>
-      <%= link_to do %>
-        <span class="block bg-gray-300 badge w-28 hover:bg-role-admin-light hover:texft-black">Admin</span>
-      <% end unless user.admin? %>
+      <% User::AVAILABLE_ROLES.each do |role| %>
+        <% if allowed_to? :change_role?, user  %>
+          <%= button_to admin_user_path(user), method: :patch, params: { user: { role: role }} do %>
+            <span class="block bg-gray-300 badge w-28 hover:bg-role-<%= role %>-light"><%= role %></span>
+          <% end unless user.role == role.to_s %>
+        <% else %>
+          <% unless user.role == role.to_s %>
+            <span class="block bg-gray-100 badge text-gray-300 w-28"><%= role %></span>
+          <% end %>
+        <% end %>
+      <% end %>
    </td>
  </tr>
 <% end %>