admin controller, rubyforgood#326, without tests

app/controllers/canonical_items_controller.rb → app/controllers/admin/canonical_items_controller.rb

@@ -1,14 +1,12 @@
-class CanonicalItemsController < ApplicationController
-  before_action :authorize_user
-
+class Admin::CanonicalItemsController < AdminController
   def edit
     @canonical_item = CanonicalItem.find(params[:id])
   end
 
   def update
     @canonical_item = CanonicalItem.find(params[:id])
     if @canonical_item.update(canonical_item_params)
-      redirect_to canonical_items_path, notice: "Updated canonical item!"
+      redirect_to admin_canonical_items_path, notice: "Updated canonical item!"
     else
       flash[:error] = "Failed to update this canonical item."
       render :edit
@@ -26,7 +24,7 @@ def new
   def create
     @canonical_item = CanonicalItem.create(canonical_item_params)
     if @canonical_item.save
-      redirect_to canonical_items_path, notice: "Canonical Item added!"
+      redirect_to admin_canonical_items_path, notice: "Canonical Item added!"
     else
       flash[:error] = "Failed to create Canonical Item."
       render :new
@@ -41,18 +39,14 @@ def show
   def destroy
     @canonical_item = CanonicalItem.includes(:items).find(params[:id])
     if !@canonical_item.items.empty? && @canonical_item.destroy
-      redirect_to canonical_items_path, notice: "Canonical Item deleted!"
+      redirect_to admin_canonical_items_path, notice: "Canonical Item deleted!"
     else
-      redirect_to admins_path, alert: "Failed to delete Canonical Item. Are there still items attached?"
+      redirect_to admin_canonical_items_path, alert: "Failed to delete Canonical Item. Are there still items attached?"
     end
   end
 
   private
 
-  def authorize_user
-    verboten! unless current_user.organization_admin
-  end
-
   def canonical_item_params
     params.require(:canonical_item).permit(:name, :key, :category)
   end

app/controllers/admins_controller.rb → app/controllers/admin/organizations_controller.rb

@@ -1,16 +1,14 @@
-class AdminsController < ApplicationController
-  before_action :authorize_user
-
+class Admin::OrganizationsController < AdminController
   def edit
     @organization = Organization.find(params[:id])
   end
 
   def update
     @organization = Organization.find(params[:id])
-    if @organization.update(organization_params)
-      redirect_to admins_path, notice: "Updated organization!"
+    if @organization.update_attributes(organization_params)
+      redirect_to admin_organizations_path, notice: 'Updated organization!'
     else
-      flash[:error] = "Failed to update this organization."
+      flash[:error] = 'Failed to update this organization.'
       render :edit
     end
   end
@@ -21,7 +19,7 @@ def index
 
   def invite_user
     User.invite!(email: params[:email], name: params[:name], organization_id: params[:org])
-    redirect_to admins_path, notice: "User invited to organization!"
+    redirect_to admin_organizations_path, notice: 'User invited to organization!'
   end
 
   def new
@@ -32,7 +30,7 @@ def create
     @organization = Organization.create(organization_params)
     if @organization.save
       Organization.seed_items(@organization)
-      redirect_to admins_path, notice: "Organization added!"
+      redirect_to admin_organizations_path, notice: "Organization added!"
     else
       flash[:error] = "Failed to create Organization."
       render :new
@@ -46,19 +44,15 @@ def show
   def destroy
     @organization = Organization.find(params[:id])
     if @organization.destroy
-      redirect_to admins_path, notice: "Organization deleted!"
+      redirect_to admin_organizations_path, notice: "Organization deleted!"
     else
-      redirect_to admins_path, alert: "Failed to delete Organization."
+      redirect_to admin_organizations_path, alert: "Failed to delete Organization."
     end
   end
 
   private
 
-  def authorize_user
-    verboten! unless current_user.organization_admin
-  end
-
   def organization_params
-    params.require(:organization).permit(:name, :short_name, :street, :city, :state, :zipcode, :email, :url, :logo)
+    params.require(:organization).permit(:name, :short_name, :street, :city, :state, :zipcode, :email, :url, :logo, :intake_location)
   end
 end

app/controllers/admin/users_controller.rb

@@ -0,0 +1,40 @@
+class Admin::UsersController < AdminController
+  def index
+    @users = User.all
+  end
+
+  def update; end
+
+  def new
+    @user = User.new
+    @organizations = Organization.all
+  end
+
+  def create
+    @user = User.new(user_params)
+
+    if @user.save
+      @user.invite!(@user)
+      redirect_to admin_users_path, notice: "Created a new user!"
+    else
+      flash[:error] = "Failed to create user"
+      render 'admin/users/new'
+    end
+  end
+
+  def destroy
+    @user = User.find_by(id: params[:id])
+    if @user.present?
+      @user.destroy
+      redirect_to admin_users_path, notice: "Deleted that user"
+    else
+      redirect_to admin_users_path, flash: { error: "Couldn't find that user, sorry" }
+    end
+  end
+
+  private
+
+  def user_params
+    params.require(:user).permit(:name, :organization_id, :email, :password, :password_confirmation)
+  end
+end

app/controllers/admin_controller.rb

@@ -0,0 +1,9 @@
+class AdminController < ApplicationController
+  before_action :require_admin
+
+  def require_admin
+    unless current_user.is_superadmin?
+       redirect_to root_path, flash: { error: "Access Denied. Only for SuperAdmin." }
+    end
+  end
+end

app/controllers/application_controller.rb

@@ -31,7 +31,7 @@ def default_url_options(options = {})
   end
 
   def authorize_user
-    verboten! unless params[:controller].include?("devise") || current_organization.id == current_user.organization_id
+    verboten! unless params[:controller].include?("devise") || params[:controller].include?("admin") || current_organization.id == current_user.organization_id
   end
 
   def not_found!

app/controllers/organizations_controller.rb

@@ -1,21 +1,5 @@
 class OrganizationsController < ApplicationController
-  def edit
-    @organization = current_organization
-  end
-
-  def update
-    @organization = current_organization
-    if @organization.update(organization_params)
-      redirect_to edit_organization_path(organization_id: current_organization.to_param), notice: "Updated organization!"
-    else
-      flash[:error] = "Failed to update organization"
-      render :edit
-    end
-  end
-
-  private
-
-  def organization_params
-    params.require(:organization).permit(:name, :short_name, :street, :city, :state, :zipcode, :email, :url, :logo, :intake_location)
+  def show
+    render 'admin/organizations/show'
   end
 end

app/controllers/users_controller.rb

@@ -2,38 +2,4 @@ class UsersController < ApplicationController
   def index
     @users = current_organization.users
   end
-
-  def update; end
-
-  def new
-    @user = User.new
-  end
-
-  def create
-    @user = User.new(user_params.merge(organization_id: current_organization.id))
-
-    if @user.save
-      @user.invite!(@user)
-      redirect_to users_path, notice: "Created a new user!"
-    else
-      flash[:error] = "Failed to create user"
-      render :new
-    end
-  end
-
-  def destroy
-    @user = current_organization.users.find_by(id: params[:id])
-    if @user.present?
-      @user.destroy
-      redirect_to users_path, notice: "Deleted that user"
-    else
-      redirect_to users_path, flash: { error: "Couldn't find that user, sorry" }
-    end
-  end
-
-  private
-
-  def user_params
-    params.require(:user).permit(:name, :email, :password, :password_confirmation)
-  end
 end

app/models/user.rb

@@ -40,6 +40,6 @@ class User < ApplicationRecord
   validates :name, :email, presence: true
 
   def is_superadmin?
-    false
+    superadmin
   end
 end

app/views/canonical_items/_canonical_item_row.html.erb → app/views/admin/canonical_items/_canonical_item_row.html.erb

@@ -3,8 +3,8 @@
   <td><%= canonical_item_row.category %></td>
   <td><%= canonical_item_row.item_count %></td>
   <td class="text-right">
-    <%= link_to "View", canonical_item_row, class: "btn btn-primary btn-xs"  %>
-    <%= link_to edit_canonical_item_path(canonical_item_row), class: "btn btn-info btn-xs" do %>
+    <%= link_to "View", admin_canonical_item_path(canonical_item_row), class: "btn btn-primary btn-xs"  %>
+    <%= link_to edit_admin_canonical_item_path(canonical_item_row), class: "btn btn-info btn-xs" do %>
       <i class="fa fa-edit"></i> Edit
     <% end %>
   </td>

app/views/canonical_items/_form.html.erb → app/views/admin/canonical_items/_form.html.erb

@@ -1,7 +1,7 @@
 <% submit_text ||= form.submit_text %>
 
 <div class="box-body">
-  <%= simple_form_for form, html: { class: 'form-horizontal' } do |f| %>
+  <%= simple_form_for form, html: { class: 'form-horizontal' },  url: admin_canonical_item_path do |f| %>
     <%= f.input :name, label: "Name", wrapper: :vertical_input_group do %>
       <span class="input-group-addon"><i class="fa fa-tag"></i></span>
       <%= f.input_field :name, class: "form-control" %>

app/views/canonical_items/edit.html.erb → app/views/admin/canonical_items/edit.html.erb

@@ -8,7 +8,7 @@
     <i class="fa fa-dashboard"></i> Home
   <% end %>
   </li>
-  <li><%= link_to "All Canonical Items", (canonical_items_path) %></li>  
+  <li><%= link_to "All Canonical Items", (admin_canonical_items_path) %></li>
   <li class="active">Editing <%= @canonical_item.name %></li>
 </ol>
 </section>

app/views/canonical_items/index.html.erb → app/views/admin/canonical_items/index.html.erb

@@ -36,4 +36,5 @@
       </div><!-- /.row -->
     </div><!-- /.box-body -->
   </div><!-- /.box -->
+  </div>
 </section><!-- /.content -->

app/views/canonical_items/new.html.erb → app/views/admin/canonical_items/new.html.erb

@@ -8,7 +8,7 @@
       <i class="fa fa-dashboard"></i> Home
     <% end %>
     </li>
-    <li><%= link_to "All Canonical Items", (canonical_items_path) %></li>  
+    <li><%= link_to "All Canonical Items", (admin_canonical_items_path) %></li>
     <li class="active"> New Canonical Item</li>
   </ol>
 </section>

app/views/canonical_items/show.html.erb → app/views/admin/canonical_items/show.html.erb

@@ -9,7 +9,7 @@
       <i class="fa fa-dashboard"></i> Home
     <% end %>
     </li>
-    <li><%= link_to "Canonical Items", (canonical_items_path) %></li>  
+    <li><%= link_to "Canonical Items", (admin_canonical_items_path) %></li>
     <li class="active"> <%= @canonical_item.name %></li>
   </ol>
 </section>

app/views/admin/organizations/_organization_row.html.erb

@@ -0,0 +1,12 @@
+<tr>
+  <td><%= organization_row.name %></td>
+  <td><%= link_to organization_row.email, "mailto:#{organization_row.email}" %></td>
+  <td class="text-right">
+      <%= link_to edit_admin_organization_path(organization_row.id), class: "btn btn-info btn-xs" do %>
+        <%= fa_icon "edit" %> Edit
+      <% end %>
+      <%= link_to admin_organization_path(organization_row.id), method: :delete,  data: { confirm: confirm_delete_msg(organization_row.name) },  class: "btn btn-danger btn-xs" do %>
+        <%= fa_icon "trash" %> Delete
+      <% end unless (Organization.count <= 1) %>
+  </td>
+</tr>

app/views/admins/edit.html.erb → app/views/admin/organizations/edit.html.erb

@@ -9,7 +9,7 @@ Editing
     <i class="fa fa-dashboard"></i> Home
   <% end %>
   </li>
-  <li><%= link_to "Administration", (admins_path(organization_id: current_user.organization)) %></li>
+  <li><%= link_to "Administration", (admin_organizations_path) %></li>
   <li><a href="#">Editing <%= @organization.name %></a></li>
 </ol>
 </section>
@@ -23,7 +23,7 @@ Editing
   <h3 class="box-title">Update record for <%= current_organization.name %></h3>
 </div>
 <div class="box-body">
-<%= simple_form_for @organization, url: admin_path do |f| %>
+<%= simple_form_for @organization, url: admin_organization_path do |f| %>
 
 <div class="form-inputs">
   <%= f.input :name, required: true, autofocus: true %>

app/views/admin/organizations/index.html.erb

@@ -0,0 +1,50 @@
+<section class="content-header">
+  <% content_for :title, "Admin - Organizations" %>
+  <h1>
+    All Diaperbase Organizations
+    <small></small>
+  </h1>
+  <ol class="breadcrumb">
+    <li><%= link_to(dashboard_path(organization_id: current_user.organization)) do %>
+        <i class="fa fa-dashboard"></i> Home
+      <% end %>
+    </li>
+    <li><a href="#">All Diaperbase organizations</a></li>
+  </ol>
+</section>
+
+<!-- Main content -->
+<section class="content">
+  <!-- Default box -->
+  <div class="box">
+    <div class="box-body">
+      <div class="text-right">
+        <%= link_to new_admin_organization_path, class: "btn btn-success" do %>
+          <%= fa_icon "plus" %> Add New Organization
+        <% end %>
+      </div>
+      <div class="row">
+        <div class="col-xs-12">
+          <!-- /.box-header -->
+          <div class="box-body table-responsive no-padding">
+            <table class="table table-hover">
+              <thead>
+              <tr>
+                <th>Organization</th>
+                <th>Contact E-mail</th>
+                <th class="text-right">Actions</th>
+
+              </tr>
+              </thead>
+              <tbody>
+              <%= render partial: "organization_row", collection: @organizations %>
+              </tbody>
+            </table>
+            <!-- /.box-body -->
+          </div>
+          <!-- /.box -->
+        </div>
+      </div>
+    </div>
+  </div>
+</section>

app/views/admins/new.html.erb → app/views/admin/organizations/new.html.erb

@@ -9,7 +9,7 @@ New Organization
     <i class="fa fa-dashboard"></i> Home
   <% end %>
   </li>
-  <li><%= link_to "Administration", (admins_path(organization_id: current_user.organization)) %></li>
+  <li><%= link_to "Administration", new_admin_organization_path %></li>
   <li><a href="#">New Organization</a></li>
 </ol>
 </section>
@@ -23,7 +23,7 @@ New Organization
   <h3 class="box-title">Add New Diaperbase Organization</h3>
 </div>
 <div class="box-body">
-<%= simple_form_for @organization, url: admins_path do |f| %>
+<%= simple_form_for @organization, url: admin_organizations_path do |f| %>
 
 <div class="form-inputs">
   <%= f.input :name, required: true, autofocus: true %>