Move admin flash messages to locale file

To streamline the translation of the I18n keys override redirect_to so
that symbol keys are translated. If substitution is required then pass
an array with the last element being the substitution hash.

Also override render so that we can use :alert and :notice in a similar
fashion to how redirect_to uses them with the exception that they go
into flash.now and not the standard flash.

As part of this some logic around admin users was pushed down into the
model instead of the controller so that we can use model based I18n.

app/controllers/admin/admin_controller.rb

@@ -1,11 +1,10 @@
 class Admin::AdminController < ApplicationController
-  include Authentication
+  include Authentication, FlashI18n, FlashRender
 
   before_action :do_not_cache
 
   layout 'admin'
 
   def index
   end
-
 end

app/controllers/admin/admin_users_controller.rb

@@ -1,52 +1,58 @@
 class Admin::AdminUsersController < Admin::AdminController
   before_filter :require_sysadmin
+  before_filter :find_user, only: %i[edit update destroy]
+
+  rescue_from AdminUser::CannotDeleteCurrentUser do
+    redirect_to admin_admin_users_url, alert: :user_is_current_user
+  end
+
+  rescue_from AdminUser::MustBeAtLeastOneAdminUser do
+    redirect_to admin_admin_users_url, alert: :user_count_is_too_low
+  end
 
   def index
-    @users = AdminUser.by_name.paginate(:page => params[:page], :per_page => 50)
+    @users = AdminUser.by_name.paginate(page: params[:page], per_page: 50)
   end
 
   def new
     @user = AdminUser.new
   end
 
   def create
-    @user = AdminUser.create(admin_user_params)
+    @user = AdminUser.new(admin_user_params)
+
     if @user.save
-      redirect_to admin_admin_users_url, notice: "User was successfully created"
+      redirect_to admin_admin_users_url, notice: :user_created
     else
-      render :action => 'new'
+      render :new
     end
   end
 
   def edit
-    @user = AdminUser.find(params[:id])
   end
 
   def update
-    @user = AdminUser.find(params[:id])
-    if @user.update_attributes(admin_user_params)
-      redirect_to admin_admin_users_url, notice: "User was successfully updated"
+    if @user.update(admin_user_params)
+      redirect_to admin_admin_users_url, notice: :user_updated
     else
-      render :action => 'edit'
+      render :edit
     end
   end
 
   def destroy
-    @user = AdminUser.find(params[:id])
-
-    # only destroy if user is not the logged in user and there are at least 2 users
-    if @user == current_user
-      flash[:alert] = "You are not allowed to delete yourself!"
-    elsif AdminUser.count < 2
-      flash[:alert] = "There needs to be at least 1 admin user"
+    if @user.destroy(current_user: current_user)
+      redirect_to admin_admin_users_url, notice: :user_deleted
     else
-      @user.destroy
+      redirect_to admin_admin_users_url, alert: :user_not_deleted
     end
-    redirect_to admin_admin_users_url
   end
 
   protected
 
+  def find_user
+    @user = AdminUser.find(params[:id])
+  end
+
   def admin_user_params
     params.
       require(:admin_user).

app/controllers/admin/debate_outcomes_controller.rb

@@ -15,9 +15,9 @@ def update
     if @debate_outcome.update(debate_outcome_params)
       if send_email_to_petitioners?
         EmailDebateOutcomesJob.run_later_tonight(petition: @petition)
-        message = 'Email will be sent overnight'
+        message = :email_sent_overnight
       else
-        message = 'Updated debate outcome successfully'
+        message = :debate_outcome_updated
       end
 
       redirect_to [:admin, @petition], notice: message

app/controllers/admin/government_response_controller.rb

@@ -15,9 +15,9 @@ def update
     if @government_response.update(government_response_params)
       if send_email_to_petitioners?
         EmailThresholdResponseJob.run_later_tonight(petition: @petition)
-        message = 'Email will be sent overnight'
+        message = :email_sent_overnight
       else
-        message = 'Updated government response successfully'
+        message = :government_response_updated
       end
 
       redirect_to [:admin, @petition], notice: message

app/controllers/admin/invalidations_controller.rb

@@ -18,7 +18,7 @@ def new
 
   def create
     if @invalidation.save
-      redirect_to admin_invalidations_url, notice: "Invalidation created successfully"
+      redirect_to admin_invalidations_url, notice: :invalidation_created
     else
       respond_to do |format|
         format.html { render :new }
@@ -32,69 +32,69 @@ def edit
         format.html
       end
     else
-      redirect_to_index_url notice: "Can't edit invalidations that aren't pending"
+      redirect_to_index_url notice: :invalidation_cant_be_edited
     end
   end
 
   def update
     if @invalidation.pending?
       if @invalidation.update(invalidation_params)
-        redirect_to admin_invalidations_url, notice: "Invalidation updated successfully"
+        redirect_to admin_invalidations_url, notice: :invalidation_updated
       else
         respond_to do |format|
           format.html { render :edit }
         end
       end
     else
-      redirect_to_index_url notice: "Can't edit invalidations that aren't pending"
+      redirect_to_index_url notice: :invalidation_cant_be_edited
     end
   end
 
   def destroy
     if @invalidation.started?
-      redirect_to_index_url notice: "Can't remove invalidations that have started"
+      redirect_to_index_url notice: :invalidation_cant_be_removed
     else
       if @invalidation.destroy
-        redirect_to_index_url notice: "Invalidation removed successfully"
+        redirect_to_index_url notice: :invalidation_removed
       else
-        redirect_to_index_url alert: "Invalidation could not be removed - please contact support"
+        redirect_to_index_url alert: :invalidation_not_removed
       end
     end
   end
 
   def cancel
     if @invalidation.completed?
-      redirect_to_index_url notice: "Can't cancel invalidations that have completed"
+      redirect_to_index_url notice: :invalidation_cant_be_cancelled
     else
       if @invalidation.cancel!
-        redirect_to_index_url notice: "Invalidation cancelled successfully"
+        redirect_to_index_url notice: :invalidation_cancelled
       else
-        redirect_to_index_url alert: "Invalidation could not be cancelled - please contact support"
+        redirect_to_index_url alert: :invalidation_not_cancelled
       end
     end
   end
 
   def count
     if @invalidation.pending?
       if @invalidation.count!
-        redirect_to_index_url notice: "Counted the matching signatures for invalidation #{@invalidation.summary.inspect}"
+        redirect_to_index_url notice: [:invalidation_counted, summary: @invalidation.summary.inspect]
       else
-        redirect_to_index_url alert: "Invalidation could not be counted - please contact support"
+        redirect_to_index_url alert: :invalidation_not_counted
       end
     else
-      redirect_to_index_url notice: "Can't count invalidations that aren't pending"
+      redirect_to_index_url notice: :invalidation_cant_be_counted
     end
   end
 
   def start
     if @invalidation.pending?
       if @invalidation.start!
-        redirect_to_index_url notice: "Enqueued the invalidation #{@invalidation.summary.inspect}"
+        redirect_to_index_url notice: [:invalidation_started, summary: @invalidation.summary.inspect]
       else
-        redirect_to_index_url alert: "Invalidation could not be enqueued - please contact support"
+        redirect_to_index_url alert: :invalidation_not_started
       end
     else
-      redirect_to_index_url notice: "Can't start invalidations that aren't pending"
+      redirect_to_index_url notice: :invalidation_cant_be_started
     end
   end
 

app/controllers/admin/petition_details_controller.rb

@@ -7,7 +7,7 @@ def show
 
   def update
     if @petition.update_attributes(petition_params)
-      redirect_to [:admin, @petition], notice: "Petition has been successfully updated"
+      redirect_to [:admin, @petition], notice: :petition_updated
     else
       render :show
     end

app/controllers/admin/petition_emails_controller.rb

@@ -12,9 +12,9 @@ def create
     if @email.update(email_params)
       if send_email_to_petitioners?
         schedule_email_petitioners_job
-        message = 'Email will be sent overnight'
+        message = :email_sent_overnight
       else
-        message = 'Created other parliamentary business successfully'
+        message = :petition_email_created
       end
 
       redirect_to [:admin, @petition], notice: message
@@ -30,9 +30,9 @@ def update
     if @email.update(email_params)
       if send_email_to_petitioners?
         schedule_email_petitioners_job
-        message = 'Email will be sent overnight'
+        message = :email_sent_overnight
       else
-        message = 'Updated other parliamentary business successfully'
+        message = :petition_email_updated
       end
 
       redirect_to [:admin, @petition], notice: message
@@ -43,9 +43,9 @@ def update
 
   def destroy
     if @email.destroy
-      message = 'Deleted other parliamentary business successfully'
+      message = :petition_email_deleted
     else
-      message = 'Unable to delete other parliamentary business - please contact support'
+      message = :petition_email_not_deleted
     end
 
     redirect_to [:admin, @petition], notice: message

app/controllers/admin/petitions_controller.rb

@@ -26,7 +26,7 @@ def update_scheduled_debate_date
     fetch_petition_for_scheduled_debate_date
     if @petition.update(update_scheduled_debate_date_params)
       EmailDebateScheduledJob.run_later_tonight(petition: @petition)
-      redirect_to admin_petition_url(@petition), notice: "Email will be sent overnight"
+      redirect_to admin_petition_url(@petition), notice: :email_sent_overnight
     else
       render :edit_scheduled_debate_date
     end

app/controllers/admin/profile_controller.rb

@@ -2,34 +2,19 @@ class Admin::ProfileController < Admin::AdminController
   skip_before_filter :check_for_password_change
 
   def edit
-
   end
 
   def update
-    # reset attributes that could be forcing a user to change their password
-    current_user.password_changed_at = Time.current
-    current_user.force_password_reset = false
-
-    update_params = admin_user_params_for_update
-
-    if ! current_user.valid_password?(current_password)
-      current_user.errors.add(:current_password, "is incorrect")
-    elsif current_password == params[:admin_user][:password]
-      current_user.errors.add(:password, "is the same as the current password")
-    elsif update_params[:password].present? and current_user.update_attributes(update_params)
-      flash[:notice] = "Password was successfully updated"
-      redirect_to admin_root_url and return
+    if current_user.update_with_password(admin_user_params)
+      redirect_to admin_root_url, notice: :password_updated
+    else
+      render :edit
     end
-    render :edit
-  end
-
-  def current_password
-    params.require(:admin_user).fetch(:current_password, '')
   end
 
-  def admin_user_params_for_update
-    params.
-      require(:admin_user).
-      permit(:password, :password_confirmation)
+  def admin_user_params
+    params.require(:admin_user).permit(
+      :current_password, :password, :password_confirmation
+    )
   end
 end

app/controllers/admin/rate_limits_controller.rb

@@ -10,7 +10,7 @@ def edit
 
   def update
     if @rate_limit.update(rate_limit_params)
-      redirect_to edit_admin_rate_limits_url, notice: "Rate limits updated successfully"
+      redirect_to edit_admin_rate_limits_url, notice: :rate_limits_updated
     else
       respond_to do |format|
         format.html { render :edit }

app/controllers/admin/schedule_debate_controller.rb

@@ -10,9 +10,9 @@ def update
     if @petition.update_attributes(params_for_update)
       if send_email_to_petitioners?
         EmailDebateScheduledJob.run_later_tonight(petition: @petition)
-        message = 'Email will be sent overnight'
+        message = :email_sent_overnight
       else
-        message = 'Updated the scheduled debate date successfully'
+        message = :debate_date_updated
       end
 
       redirect_to [:admin, @petition], notice: message

app/controllers/admin/searches_controller.rb

@@ -42,7 +42,7 @@ def find_petition_by_id
     begin
       redirect_to admin_petition_url(Petition.find(query.to_i))
     rescue ActiveRecord::RecordNotFound
-      redirect_to admin_petitions_url, alert: "Cannot find petition with id: #{query}"
+      redirect_to admin_petitions_url, alert: [:petition_not_found, query: query.inspect]
     end
   end
 

app/controllers/admin/signatures_controller.rb

@@ -4,28 +4,28 @@ class Admin::SignaturesController < Admin::AdminController
   def validate
     begin
       @signature.validate!
-      redirect_to admin_search_url(q: params[:q]), notice: "Signature validated successfully"
+      redirect_to admin_search_url(q: params[:q]), notice: :signature_validated
     rescue StandardError => e
       Appsignal.send_exception e
-      redirect_to admin_search_url(q: params[:q]), alert: "Signature could not be validated - please contact support"
+      redirect_to admin_search_url(q: params[:q]), alert: :signature_not_validated
     end
   end
 
   def invalidate
     begin
       @signature.invalidate!
-      redirect_to admin_search_url(q: params[:q]), notice: "Signature invalidated successfully"
+      redirect_to admin_search_url(q: params[:q]), notice: :signature_invalidated
     rescue StandardError => e
       Appsignal.send_exception e
-      redirect_to admin_search_url(q: @signature.email), alert: "Signature could not be invalidated - please contact support"
+      redirect_to admin_search_url(q: @signature.email), alert: :signature_not_invalidated
     end
   end
 
   def destroy
     if @signature.destroy
-      redirect_to admin_search_url(q: params[:q]), notice: "Signature removed successfully"
+      redirect_to admin_search_url(q: params[:q]), notice: :signature_deleted
     else
-      redirect_to admin_search_url(q: params[:q]), alert: "Signature could not be removed - please contact support"
+      redirect_to admin_search_url(q: params[:q]), alert: :signature_not_deleted
     end
   end