feat(users): Adds ability to view all users and admins (#216)

* feat(users): Adds ability to view all users and admins
refactor(admins): Moves hard-coded strings to en.yml

* style(users): Removes whitespace for style

Co-authored-by: Peter Kos <pkos91@icloud.com>

app/assets/javascripts/manage/lib/setupDataTables.js

@@ -17,6 +17,23 @@ var setupDataTables = function () {
   });
 
   $('.datatable.users').DataTable({
+    order: [5, 'desc'],
+    columns: [
+      { orderable: true, data: 'id', visible: false },
+      { orderable: true, data: 'email' },
+      { orderable: true, data: 'role' },
+      { orderable: false, data: 'questionnaire'},
+      { orderable: true, data: 'active' },
+      { orderable: true, data: 'created_at' },
+      { orderable: true, data: 'current_sign_in_at', visible: false },
+      { orderable: true, data: 'last_sign_in_at', visible: false },
+      { orderable: true, data: 'current_sign_in_ip', visible: false },
+      { orderable: true, data: 'last_sign_in_ip', visible: false },
+      { orderable: true, data: 'sign_in_count', visible: false },
+    ],
+  });
+
+  $('.datatable.admins').DataTable({
     order: [1, 'asc'],
     columns: [
       { orderable: true, data: 'id', visible: false },
@@ -29,7 +46,7 @@ var setupDataTables = function () {
       { orderable: true, data: 'last_sign_in_at', visible: false },
       { orderable: true, data: 'current_sign_in_ip', visible: false },
       { orderable: true, data: 'last_sign_in_ip', visible: false },
-      { orderable: true, data: 'sign_in_count', visible: false },
+      { orderable: true, data: 'sign_in_count', visible: true },
     ],
   });
 

app/controllers/manage/questionnaires_controller.rb

@@ -93,7 +93,7 @@ def convert_to_admin
     user = @questionnaire.user
     @questionnaire.destroy
     user.update_attributes(role: :admin)
-    redirect_to edit_manage_admin_path(user)
+    redirect_to edit_manage_user_path(user)
   end
 
   def destroy

app/controllers/manage/admins_controller.rb → app/controllers/manage/users_controller.rb

@@ -1,4 +1,5 @@
-class Manage::AdminsController < Manage::ApplicationController
+class Manage::UsersController < Manage::ApplicationController
+  before_action :require_full_admin
   before_action :find_user, only: [:show, :edit, :update, :destroy]
 
   respond_to :html, :json
@@ -7,43 +8,34 @@ def index
     respond_with(:manage, User.where(role: [:admin, :admin_limited_access, :event_tracking]))
   end
 
-  def datatable
-    render json: AdminDatatable.new(params, view_context: view_context)
+  def user_datatable
+    render json: UserDatatable.new(params, view_context: view_context)
   end
 
-  def show
-    respond_with(:manage, @user)
+  def admin_datatable
+    render json: AdminDatatable.new(params, view_context: view_context)
   end
 
-  def new
-    @user = ::User.new
+  def show
     respond_with(:manage, @user)
   end
 
   def edit
   end
 
-  def create
-    @user = ::User.new(user_params.merge(password: Devise.friendly_token.first(10)))
-    if @user.save
-      @user.send_reset_password_instructions
-      flash[:notice] = "Created account for #{@user.email} and sent email with link to set a password"
-    end
-    respond_with(:manage, @user, location: manage_admins_path)
-  end
-
   def update
     @user.update_attributes(user_params)
-    respond_with(:manage, @user, location: manage_admins_path)
+    respond_with(:manage, @user, location: manage_users_path)
   end
 
   def destroy
+    if @user.questionnaire.present?
+      @user.questionnaire.destroy
+    end
     @user.destroy
-    respond_with(:manage, @user, location: manage_admins_path)
+    respond_with(:manage, @user, location: manage_users_path)
   end
 
-  private
-
   def user_params
     params.require(:user).permit(
       :email, :password, :password_confirmation, :remember_me, :role, :is_active, :receive_weekly_report

app/datatables/admin_datatable.rb

@@ -1,5 +1,5 @@
 class AdminDatatable < ApplicationDatatable
-  def_delegators :@view, :link_to, :manage_admin_path, :bold, :display_datetime
+  def_delegators :@view, :link_to, :manage_user_path, :bold, :display_datetime
 
   def view_columns
     @view_columns ||= {
@@ -23,7 +23,7 @@ def data
     records.map do |record|
       {
         id: record.id,
-        email: link_to(bold(record.email), manage_admin_path(record)),
+        email: link_to(bold(record.email), manage_user_path(record)),
         role: record.role.titleize,
         active: record.is_active ? '<span class="badge badge-secondary">Active</span>'.html_safe : '<span class="badge badge-danger">Inactive<span>'.html_safe,
         receive_weekly_report: yes_no_display(record.receive_weekly_report),

app/datatables/user_datatable.rb

@@ -0,0 +1,42 @@
+class UserDatatable < ApplicationDatatable
+  def_delegators :@view, :link_to, :manage_user_path, :manage_questionnaire_path, :bold, :display_datetime
+
+  def view_columns
+    @view_columns ||= {
+      id: { source: "User.id" },
+      email: { source: "User.email" },
+      role: { source: "User.role", searchable: false },
+      active: { source: "User.is_active", searchable: false },
+      created_at: { source: "User.created_at", searchable: false },
+      current_sign_in_at: { source: "User.current_sign_in_at", searchable: false },
+      last_sign_in_at: { source: "User.last_sign_in_at", searchable: false },
+      current_sign_in_ip: { source: "User.current_sign_in_ip" },
+      last_sign_in_ip: { source: "User.last_sign_in_ip" },
+      sign_in_count: { source: "User.sign_in_count", searchable: false },
+    }
+  end
+
+  private
+
+  def data
+    records.map do |record|
+      {
+        id: record.id,
+        email: link_to(bold(record.email), manage_user_path(record)),
+        role: record.role.titleize,
+        questionnaire: record.questionnaire.present? ? link_to(bold("View &raquo;".html_safe), manage_questionnaire_path(record.questionnaire.id)) : 'None',
+        active: record.is_active ? '<span class="badge badge-secondary">Active</span>'.html_safe : '<span class="badge badge-danger">Inactive<span>'.html_safe,
+        created_at: display_datetime(record.created_at),
+        current_sign_in_at: display_datetime(record.current_sign_in_at),
+        last_sign_in_at: display_datetime(record.last_sign_in_at),
+        current_sign_in_ip: record.current_sign_in_ip == "::1" ? "127.0.0.1" : record.current_sign_in_ip,
+        last_sign_in_ip: record.last_sign_in_ip == "::1" ? "127.0.0.1" : record.last_sign_in_ip,
+        sign_in_count: record.sign_in_count,
+      }
+    end
+  end
+
+  def get_raw_records
+    User.all
+  end
+end

app/views/layouts/manage/application.html.haml

@@ -38,10 +38,11 @@
                 = active_link_to manage_checkins_path, class: "nav-link" do
                   .fa.fa-drivers-license-o.fa-fw.icon-space-r-half
                   Check-in
-              %li.nav-item
-                = active_link_to manage_admins_path, class: "nav-link" do
-                  .fa.fa-users.fa-fw.icon-space-r-half
-                  Admins
+              - if current_user.admin?
+                %li.nav-item
+                  = active_link_to manage_users_path, class: "nav-link" do
+                    .fa.fa-users.fa-fw.icon-space-r-half
+                    = t(:title, scope: 'pages.manage.users')
               %li.nav-item
                 = active_link_to manage_messages_path, class: "nav-link" do
                   .fa.fa-bullhorn.fa-fw.icon-space-r-half

app/views/manage/trackable_events/show.html.haml

@@ -11,7 +11,7 @@
   = link_to @trackable_event.trackable_tag.name, manage_trackable_tag_path(@trackable_event.trackable_tag)
 %p
   %b User:
-  = link_to @trackable_event.user.email, manage_admin_path(@trackable_event.user)
+  = link_to @trackable_event.user.email, manage_user_path(@trackable_event.user)
 
 = link_to 'Edit', edit_manage_trackable_event_path(@trackable_event)
 \|

app/views/manage/users/_form.html.haml

@@ -0,0 +1,15 @@
+.form-container
+  = bs_horizontal_simple_form_for @user, url: url_for(action: "update", controller: "users"), html: { "data-validate" => "form" } do |f|
+
+    - if f.error_notification.present?
+      #disclaimer
+        = f.error_notification
+
+    .form-inputs
+      = f.input :email, input_html: { "data-validate" => "presence" }, required: true
+      = f.input :role, collection: User.roles.to_a.collect{|c| [c[0].titleize, c[0]]}, include_blank: false
+      = f.input :is_active, collection: [[t(:active, scope: "pages.manage.users.edit.form"), true], [t(:inactive, scope: "pages.manage.users.edit.form"), false]], as: :radio_buttons
+      = f.input :receive_weekly_report, collection: [[t(:yes, scope: "pages.manage.users.edit.form"), true], [t(:no, scope: "pages.manage.users.edit.form"), false]], as: :radio_buttons
+
+    .center
+      = f.button :submit, value: ( t(:save, scope: "pages.manage.users.edit.form") ), class: 'btn-primary'

app/views/manage/users/edit.html.haml

@@ -0,0 +1,6 @@
+= render "layouts/manage/page_title", title: t(:title, scope: "pages.manage.users.edit", user_email: @user.email), subtitle: @user.email do
+  .btn-group
+    = link_to t(:cancel, scope: "pages.manage.users.edit"), manage_user_path(@user), class: 'btn btn-sm btn-outline-secondary'
+    = link_to t(:delete, scope: "pages.manage.users.edit"), manage_user_path(@user), method: :delete, data: { confirm: "Are you sure? #{@user.email} will be permanently deleted. This action is irreversible." }, class: 'btn btn-sm btn-outline-secondary'
+
+= render 'form'

app/views/manage/users/index.html.haml

@@ -0,0 +1,41 @@
+= render "layouts/manage/page_title", title: t(:title, scope: 'pages.manage.users')
+
+.row
+  .col
+    %h5.dashboard-container-title
+      = t(:users, scope: 'pages.manage.users')
+    %table.users.datatable.table.table-striped.table-hover{ "data-source" => user_datatable_manage_users_path(format: :json) }
+      %thead
+        %tr
+          %th= t(:id, scope: 'pages.manage.users.table')
+          %th= t(:email, scope: 'pages.manage.users.table')
+          %th= t(:role, scope: 'pages.manage.users.table')
+          %th= t(:questionnaire, scope: 'pages.manage.users.table')
+          %th= t(:login_access, scope: 'pages.manage.users.table')
+          %th= t(:registered_on, scope: 'pages.manage.users.table')
+          %th= t(:signed_in_on, scope: 'pages.manage.users.table')
+          %th= t(:previous_signed_in_on, scope: 'pages.manage.users.table')
+          %th= t(:signed_in_ip, scope: 'pages.manage.users.table')
+          %th= t(:previous_signed_in_ip, scope: 'pages.manage.users.table')
+          %th= t(:sign_in_count, scope: 'pages.manage.users.table')
+        %tbody
+
+.row
+  .col
+    %h5.dashboard-container-title
+      = t(:staff, scope: 'pages.manage.users', hackathon_name: HackathonConfig['name'])
+    %table.admins.datatable.table.table-striped.table-hover{ "data-source" => admin_datatable_manage_users_path(format: :json) }
+      %thead
+        %tr
+          %th= t(:id, scope: 'pages.manage.users.table')
+          %th= t(:email, scope: 'pages.manage.users.table')
+          %th= t(:role, scope: 'pages.manage.users.table')
+          %th= t(:login_access, scope: 'pages.manage.users.table')
+          %th= t(:weekly_report, scope: 'pages.manage.users.table')
+          %th= t(:registered_on, scope: 'pages.manage.users.table')
+          %th= t(:signed_in_on, scope: 'pages.manage.users.table')
+          %th= t(:previous_signed_in_on, scope: 'pages.manage.users.table')
+          %th= t(:signed_in_ip, scope: 'pages.manage.users.table')
+          %th= t(:previous_signed_in_ip, scope: 'pages.manage.users.table')
+          %th= t(:sign_in_count, scope: 'pages.manage.users.table')
+        %tbody