Added ability to change user roles in admin/users index

2024-09-18 10:42:12 +02:00
parent ace50699fb
commit a169b8fae8
6 changed files with 35 additions and 15 deletions
--- a/app/controllers/admin/users_controller.rb
+++ b/app/controllers/admin/users_controller.rb
@@ -1,6 +1,6 @@
 class Admin::UsersController < ApplicationController
  before_action :set_user, only: [ :show, :update ]
  before_action :authorize!
  before_action :set_user, only: [ :show, :edit ]
  def index
    @users = User.all.order(:lastname, :firstname)
@@ -20,6 +20,14 @@ class Admin::UsersController < ApplicationController
  end
  def update
    authorize! @user
    if @user.update(user_params)
      respond_to do |format|
        format.html { redirect_to admin_users_path }
      end
    else
        render :index, status: :unprocessable_entity
    end
  end
  private
@@ -27,4 +35,8 @@ class Admin::UsersController < ApplicationController
  def set_user
    @user = User.find(params[:id])
  end
  def user_params
    params.require(:user).permit(:role)
  end
 end
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -23,6 +23,8 @@ class User < ApplicationRecord
  normalizes :email, with: -> { _1.strip.downcase }
  AVAILABLE_ROLES = [ :user, :operator, :admin ]
  enum :role, {
    user: "user",
    operator: "operator",
--- a/app/policies/admin/user_policy.rb
+++ b/app/policies/admin/user_policy.rb
@@ -1,2 +1,7 @@
 class Admin::UserPolicy < ApplicationPolicy
  skip_pre_check :allow_admins, only: :change_role?
  def change_role?
    user.admin? and user != record
  end
 end
--- a/app/policies/application_policy.rb
+++ b/app/policies/application_policy.rb
@@ -1,6 +1,6 @@
 # Base class for application policies
 class ApplicationPolicy < ActionPolicy::Base
-  pre_check :allow_admins, :only_verified_users
+  pre_check :allow_admins, :deny_verified_users
  # admin is good! :)
  def allow_admins
@@ -8,7 +8,7 @@ class ApplicationPolicy < ActionPolicy::Base
  end
  # no email verification no rights
-  def only_verified_users
+  def deny_verified_users
    deny! unless user.verified?
  end
--- a/app/views/admin/users/_user_tr.html.erb
+++ b/app/views/admin/users/_user_tr.html.erb
@@ -25,15 +25,17 @@
      </span>
    </td>
    <td class="flex justify-center p-2 py-3 space-x-2">
-      <%= link_to do %>
+      <% User::AVAILABLE_ROLES.each do |role| %>
-        <span class="block bg-gray-300 badge w-28 hover:bg-role-user-light hover:texft-black">User</span>
+        <% if allowed_to? :change_role?, user  %>
-      <% end unless user.user? %>
+          <%= button_to admin_user_path(user), method: :patch, params: { user: { role: role }} do %>
-      <%= link_to do %>
+            <span class="block bg-gray-300 badge w-28 hover:bg-role-<%= role %>-light"><%= role %></span>
-        <span class="block bg-gray-300 badge w-28 hover:bg-role-operator-light hover:texft-black">Operator</span>
+          <% end unless user.role == role.to_s %>
-      <% end unless user.operator? %>
+        <% else %>
-      <%= link_to do %>
+          <% unless user.role == role.to_s %>
-        <span class="block bg-gray-300 badge w-28 hover:bg-role-admin-light hover:texft-black">Admin</span>
+            <span class="block bg-gray-100 badge text-gray-300 w-28"><%= role %></span>
-      <% end unless user.admin? %>
+          <% end %>
        <% end %>
      <% end %>
    </td>
  </tr>
 <% end %>
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -18,9 +18,8 @@ Rails.application.routes.draw do
  end
  resource :profile, only: [ :show, :edit, :destroy ]
  namespace :admin do
-    resource :jobs, only: [ :index ]
+    resources :users, only: [ :index, :show, :update ]
-    resources :users, only: [ :index, :show ]
+    resources :jobs, only: [ :index ]
    resources :jobs
    resource :dashboard, only: [ :show ]
  end
  namespace :operator do