Merge pull request #493 from rubyforgood/326-admins-controller

WIP Fixes #326 Admins Controller, namespaced separately
rubyforgood · Oct 8, 2018 · 08a670c · 08a670c
2 parents e40cb83 + 2cc29b4
commit 08a670c
Show file tree

Hide file tree

Showing 107 changed files with 2,210 additions and 954 deletions.
diff --git a/.gitignore b/.gitignore
@@ -44,3 +44,4 @@ pdx_db_test
 .DS_Store
 .ruby-gemset
 *.pdf
+/spec/example_failures.txt
diff --git a/app/controllers/admin/barcode_items_controller.rb b/app/controllers/admin/barcode_items_controller.rb
@@ -0,0 +1,53 @@
+class Admin::BarcodeItemsController < AdminController
+  def edit
+    @barcode_item = BarcodeItem.find(params[:id])
+  end
+
+  def update
+    @barcode_item = BarcodeItem.find(params[:id])
+    if @barcode_item.update(barcode_item_params)
+      redirect_to admin_barcode_items_path, notice: "Updated Barcode Item!"
+    else
+      flash[:error] = "Failed to update this Barcode Item."
+      render :edit
+    end
+  end
+
+  def index
+    @barcode_items = BarcodeItem.all
+  end
+
+  def new
+    @barcode_item = BarcodeItem.new
+  end
+
+  def create
+    @barcode_item = BarcodeItem.create(barcode_item_params)
+    if @barcode_item.save
+      redirect_to admin_barcode_items_path, notice: "Barcode Item added!"
+    else
+      flash[:error] = "Failed to create Barcode Item."
+      render :new
+    end
+  end
+
+  def show
+    @barcode_item = BarcodeItem.includes(items: [:organization]).find(params[:id])
+    @items = @barcode_item.items
+  end
+
+  def destroy
+    @barcode_item = BarcodeItem.find(params[:id])
+    if @barcode_item.destroy
+      redirect_to admin_barcode_items_path, notice: "Barcode Item deleted!"
+    else
+      redirect_to admin_barcode_items_path, alert: "Failed to delete Barcode Item."
+    end
+  end
+
+  private
+
+  def barcode_item_params
+    params.require(:barcode_item).permit(:name, :key, :category)
+  end
+end
diff --git a/...controllers/canonical_items_controller.rb → ...llers/admin/canonical_items_controller.rb b/...controllers/canonical_items_controller.rb → ...llers/admin/canonical_items_controller.rb
@@ -1,14 +1,12 @@
-class CanonicalItemsController < ApplicationController
-  before_action :authorize_user
-
+class Admin::CanonicalItemsController < AdminController
   def edit
     @canonical_item = CanonicalItem.find(params[:id])
   end
 
   def update
     @canonical_item = CanonicalItem.find(params[:id])
     if @canonical_item.update(canonical_item_params)
-      redirect_to canonical_items_path, notice: "Updated canonical item!"
+      redirect_to admin_canonical_items_path, notice: "Updated canonical item!"
     else
       flash[:error] = "Failed to update this canonical item."
       render :edit
@@ -26,7 +24,7 @@ def new
   def create
     @canonical_item = CanonicalItem.create(canonical_item_params)
     if @canonical_item.save
-      redirect_to canonical_items_path, notice: "Canonical Item added!"
+      redirect_to admin_canonical_items_path, notice: "Canonical Item added!"
     else
       flash[:error] = "Failed to create Canonical Item."
       render :new
@@ -41,18 +39,14 @@ def show
   def destroy
     @canonical_item = CanonicalItem.includes(:items).find(params[:id])
     if !@canonical_item.items.empty? && @canonical_item.destroy
-      redirect_to canonical_items_path, notice: "Canonical Item deleted!"
+      redirect_to admin_canonical_items_path, notice: "Canonical Item deleted!"
     else
-      redirect_to admins_path, alert: "Failed to delete Canonical Item. Are there still items attached?"
+      redirect_to admin_canonical_items_path, alert: "Failed to delete Canonical Item. Are there still items attached?"
     end
   end
 
   private
 
-  def authorize_user
-    verboten! unless current_user.organization_admin
-  end
-
   def canonical_item_params
     params.require(:canonical_item).permit(:name, :key, :category)
   end

diff --git a/app/controllers/admins_controller.rb → ...rollers/admin/organizations_controller.rb b/app/controllers/admins_controller.rb → ...rollers/admin/organizations_controller.rb
@@ -1,14 +1,12 @@
-class AdminsController < ApplicationController
-  before_action :authorize_user
-
+class Admin::OrganizationsController < AdminController
   def edit
     @organization = Organization.find(params[:id])
   end
 
   def update
     @organization = Organization.find(params[:id])
     if @organization.update(organization_params)
-      redirect_to admins_path, notice: "Updated organization!"
+      redirect_to admin_organizations_path, notice: "Updated organization!"
     else
       flash[:error] = "Failed to update this organization."
       render :edit
@@ -19,11 +17,6 @@ def index
     @organizations = Organization.all
   end
 
-  def invite_user
-    User.invite!(email: params[:email], name: params[:name], organization_id: params[:org])
-    redirect_to admins_path, notice: "User invited to organization!"
-  end
-
   def new
     @organization = Organization.new
   end
@@ -32,7 +25,7 @@ def create
     @organization = Organization.create(organization_params)
     if @organization.save
       Organization.seed_items(@organization)
-      redirect_to admins_path, notice: "Organization added!"
+      redirect_to admin_organizations_path, notice: "Organization added!"
     else
       flash[:error] = "Failed to create Organization."
       render :new
@@ -46,19 +39,15 @@ def show
   def destroy
     @organization = Organization.find(params[:id])
     if @organization.destroy
-      redirect_to admins_path, notice: "Organization deleted!"
+      redirect_to admin_organizations_path, notice: "Organization deleted!"
     else
-      redirect_to admins_path, alert: "Failed to delete Organization."
+      redirect_to admin_organizations_path, alert: "Failed to delete Organization."
     end
   end
 
   private
 
-  def authorize_user
-    verboten! unless current_user.organization_admin
-  end
-
   def organization_params
-    params.require(:organization).permit(:name, :short_name, :street, :city, :state, :zipcode, :email, :url, :logo)
+    params.require(:organization).permit(:name, :short_name, :street, :city, :state, :zipcode, :email, :url, :logo, :intake_location)
   end
 end
diff --git a/app/controllers/admin/users_controller.rb b/app/controllers/admin/users_controller.rb
@@ -0,0 +1,40 @@
+class Admin::UsersController < AdminController
+  def index
+    @users = User.all
+  end
+
+  def update; end
+
+  def new
+    @user = User.new
+    @organizations = Organization.all
+  end
+
+  def create
+    @user = User.new(user_params)
+
+    if @user.save
+      @user.invite!(@user)
+      redirect_to admin_users_path, notice: "Created a new user!"
+    else
+      flash[:error] = "Failed to create user"
+      render "admin/users/new"
+    end
+  end
+
+  def destroy
+    @user = User.find_by(id: params[:id])
+    if @user.present?
+      @user.destroy
+      redirect_to admin_users_path, notice: "Deleted that user"
+    else
+      redirect_to admin_users_path, flash: { error: "Couldn't find that user, sorry" }
+    end
+  end
+
+  private
+
+  def user_params
+    params.require(:user).permit(:name, :organization_id, :email, :password, :password_confirmation)
+  end
+end
diff --git a/app/controllers/admin_controller.rb b/app/controllers/admin_controller.rb
@@ -0,0 +1,10 @@
+class AdminController < ApplicationController
+  before_action :require_admin
+  layout "admin"
+
+  def require_admin
+    verboten! unless current_user.super_admin?
+  end
+
+  def dashboard; end
+end
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
@@ -10,7 +10,7 @@ class ApplicationController < ActionController::Base
   rescue_from ActiveRecord::RecordNotFound, with: :not_found!
 
   def current_organization
-    @organization ||= Organization.find_by(short_name: params[:organization_id])
+    @organization ||= Organization.find_by(short_name: params[:organization_id]) || current_user&.organization
   end
   helper_method :current_organization
 
@@ -24,14 +24,15 @@ def organization_url_options(options = {})
   def default_url_options(options = {})
     if current_organization.present? && !options.key?(:organization_id)
       options[:organization_id] = current_organization.to_param
-    elsif current_user && !current_user.is_superadmin? && current_user.organization.present?
+    elsif current_user && !current_user.super_admin? && current_user.organization.present?
       options[:organization_id] = current_user.organization.to_param
     end
     options
   end
 
   def authorize_user
-    verboten! unless params[:controller].include?("devise") || current_organization.id == current_user.organization_id
+    # params[:controller].include?("admin") ||
+    verboten! unless params[:controller].include?("devise") || current_user.super_admin? || current_organization.id == current_user.organization_id
   end
 
   def not_found!

diff --git a/app/controllers/barcode_items_controller.rb b/app/controllers/barcode_items_controller.rb
@@ -58,7 +58,7 @@ def update
   def destroy
     begin
       # If the user is a superadmin, they can delete any Barcode
-      if current_user.is_superadmin?
+      if current_user.superadmin?
         barcode = BarcodeItem.find(params[:id])
       # Otherwise it has to be non-global in their organization
       else

diff --git a/app/controllers/organizations_controller.rb b/app/controllers/organizations_controller.rb
@@ -1,20 +1,40 @@
 class OrganizationsController < ApplicationController
+  before_action :authorize_admin, except: [:show]
+  before_action :authorize_user, only: [:show]
+
+  def show
+    @organization = current_organization
+  end
+
   def edit
     @organization = current_organization
   end
 
   def update
     @organization = current_organization
     if @organization.update(organization_params)
-      redirect_to edit_organization_path(organization_id: current_organization.to_param), notice: "Updated organization!"
+      redirect_to organization_path(@organization), notice: "Updated your organization!"
     else
-      flash[:error] = "Failed to update organization"
+      flash[:error] = "Failed to update your organization."
       render :edit
     end
   end
 
+  def invite_user
+    User.invite!(email: params[:email], name: params[:name], organization_id: params[:org])
+    redirect_to organization_path, notice: "User invited to organization!"
+  end
+
   private
 
+  def authorize_admin
+    verboten! unless current_user.super_admin? || (current_user.organization_admin? && current_organization.id == current_user.organization_id)
+  end
+
+  def authorize_user
+    verboten! unless current_user.super_admin? || (current_organization.id == current_user.organization_id)
+  end
+
   def organization_params
     params.require(:organization).permit(:name, :short_name, :street, :city, :state, :zipcode, :email, :url, :logo, :intake_location)
   end

diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb
@@ -2,38 +2,4 @@ class UsersController < ApplicationController
   def index
     @users = current_organization.users
   end
-
-  def update; end
-
-  def new
-    @user = User.new
-  end
-
-  def create
-    @user = User.new(user_params.merge(organization_id: current_organization.id))
-
-    if @user.save
-      @user.invite!(@user)
-      redirect_to users_path, notice: "Created a new user!"
-    else
-      flash[:error] = "Failed to create user"
-      render :new
-    end
-  end
-
-  def destroy
-    @user = current_organization.users.find_by(id: params[:id])
-    if @user.present?
-      @user.destroy
-      redirect_to users_path, notice: "Deleted that user"
-    else
-      redirect_to users_path, flash: { error: "Couldn't find that user, sorry" }
-    end
-  end
-
-  private
-
-  def user_params
-    params.require(:user).permit(:name, :email, :password, :password_confirmation)
-  end
 end
diff --git a/app/models/adjustment.rb b/app/models/adjustment.rb
@@ -2,7 +2,7 @@
 #
 # Table name: adjustments
 #
-#  id                  :bigint(8)        not null, primary key
+#  id                  :integer          not null, primary key
 #  organization_id     :integer
 #  storage_location_id :integer
 #  comment             :text

diff --git a/app/models/barcode_item.rb b/app/models/barcode_item.rb
@@ -2,7 +2,7 @@
 #
 # Table name: barcode_items
 #
-#  id               :bigint(8)        not null, primary key
+#  id               :integer          not null, primary key
 #  value            :string
 #  barcodeable_id   :integer
 #  quantity         :integer

diff --git a/app/models/diaper_drive_participant.rb b/app/models/diaper_drive_participant.rb
@@ -2,8 +2,7 @@
 #
 # Table name: diaper_drive_participants
 #
-#  id              :bigint(8)        not null, primary key
-#  name            :string
+#  id              :integer          not null, primary key
 #  contact_name    :string
 #  email           :string
 #  phone           :string
@@ -15,6 +14,7 @@
 #  business_name   :string
 #  latitude        :float
 #  longitude       :float
+#
 
 class DiaperDriveParticipant < ApplicationRecord
   require "csv"

diff --git a/app/models/distribution.rb b/app/models/distribution.rb
@@ -2,7 +2,7 @@
 #
 # Table name: distributions
 #
-#  id                  :bigint(8)        not null, primary key
+#  id                  :integer          not null, primary key
 #  comment             :text
 #  created_at          :datetime
 #  updated_at          :datetime

diff --git a/app/models/donation.rb b/app/models/donation.rb
@@ -2,7 +2,7 @@
 #
 # Table name: donations
 #
-#  id                          :bigint(8)        not null, primary key
+#  id                          :integer          not null, primary key
 #  source                      :string
 #  donation_site_id            :integer
 #  created_at                  :datetime
@@ -12,6 +12,7 @@
 #  organization_id             :integer
 #  diaper_drive_participant_id :integer
 #  issued_at                   :datetime
+#  money_raised                :integer
 #
 
 class Donation < ApplicationRecord