ban or unban users

corsego · Jun 20, 2021 · ce1bd0e · ce1bd0e
1 parent e72151d
commit ce1bd0e
Show file tree

Hide file tree

Showing 5 changed files with 34 additions and 6 deletions.
diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb
@@ -2,4 +2,14 @@ class UsersController < ApplicationController
   def index
     @users = User.all
   end
+
+  def ban
+    @user = User.find(params[:id])
+    if @user.access_locked?
+      @user.unlock_access!
+    else
+      @user.lock_access!
+    end
+    redirect_to users_path, notice: "User access locked: #{@user.access_locked?}"
+  end
 end
diff --git a/app/helpers/users_helper.rb b/app/helpers/users_helper.rb
@@ -0,0 +1,9 @@
+module UsersHelper
+  def ban_status(user)
+    if user.access_locked?
+      'Unban'
+    else
+      'Ban'
+    end
+  end
+end
diff --git a/app/views/users/index.html.erb b/app/views/users/index.html.erb
@@ -5,5 +5,8 @@
   <%= user.current_sign_in_ip %>
   <strong>confirmed?</strong>
   <%= user.confirmed? %>
+  <strong>access locked?</strong>
+  <%= user.access_locked? %>
+  <%= link_to ban_status(user), ban_user_path(user), method: :patch %>
   <br>
 <% end %>
diff --git a/config/initializers/devise.rb b/config/initializers/devise.rb
@@ -194,7 +194,8 @@
   # Defines which strategy will be used to lock an account.
   # :failed_attempts = Locks an account after a number of failed attempts to sign in.
   # :none            = No lock strategy. You should handle locking by yourself.
-  config.lock_strategy = :failed_attempts
+  # config.lock_strategy = :failed_attempts
+  config.lock_strategy = :none
 
   # Defines which key will be used when locking and unlocking an account
   # config.unlock_keys = [:email]
@@ -204,17 +205,18 @@
   # :time  = Re-enables login after a certain amount of time (see :unlock_in below)
   # :both  = Enables both strategies
   # :none  = No unlock strategy. You should handle unlocking by yourself.
-  config.unlock_strategy = :both
+  # config.unlock_strategy = :both
+  config.unlock_strategy = :none
 
   # Number of authentication tries before locking an account if lock_strategy
   # is failed attempts.
-  config.maximum_attempts = 3
+  # config.maximum_attempts = 20
 
   # Time interval to unlock the account if :time is enabled as unlock_strategy.
-  config.unlock_in = 1.hour
+  # config.unlock_in = 1.hour
 
   # Warn on the last attempt before the account is locked.
-  config.last_attempt_warning = true
+  # config.last_attempt_warning = true
 
   # ==> Configuration for :recoverable
   #

diff --git a/config/routes.rb b/config/routes.rb
@@ -1,6 +1,10 @@
 Rails.application.routes.draw do
   resources :posts
-  resources :users, only: [:index]
+  resources :users, only: [:index] do
+    member do
+      patch :ban
+    end
+  end
   devise_for :users, controllers: { confirmations: 'users/confirmations' }
   root "dashboard#index"
   get 'dashboard/index'