edit authors, delete users, UI changes

2021-03-21 22:31:58 +01:00 · 2021-03-21 22:31:58 +01:00 · ccb6e23960
commit ccb6e23960
parent e36cc36947
19 changed files with 190 additions and 75 deletions
--- a/2
+++ b/2
@ -24,6 +24,8 @@ gem 'bcrypt', '~> 3.1.7'

 gem 'materialize-sass', '~> 1.0.0'

+gem 'jquery-rails'
+
 # Use Active Storage variant
 # gem 'image_processing', '~> 1.2'

--- a/Gemfile.lock
+++ b/Gemfile.lock
@ -91,6 +91,10 @@ GEM
      concurrent-ruby (~> 1.0)
    jbuilder (2.11.2)
      activesupport (>= 5.0.0)
+    jquery-rails (4.4.0)
+      rails-dom-testing (>= 1, < 3)
+      railties (>= 4.2.0)
+      thor (>= 0.14, < 2.0)
    listen (3.4.1)
      rb-fsevent (~> 0.10, >= 0.10.3)
      rb-inotify (~> 0.9, >= 0.9.10)
@ -241,6 +245,7 @@ DEPENDENCIES
  byebug
  capybara (>= 3.26)
  jbuilder (~> 2.7)
+  jquery-rails
  listen (~> 3.3)
  materialize-sass (~> 1.0.0)
  puma (~> 5.0)
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@ -10,10 +10,18 @@ class ApplicationController < ActionController::Base
    !current_user.nil?
  end

+  protected
+
  def notices_from_errors(record)
    messages = record.errors.messages.map do |attribute, messages|
      messages.map { |message| "#{attribute} #{message}".capitalize }
    end
    messages.flatten
  end
+
+  def ensure_admin
+    unless current_user&.admin?
+      redirect_to '/welcome', notice: 'You are not allowed to perform this action'
+    end
+  end
 end
--- a/app/controllers/authors_controller.rb
+++ b/app/controllers/authors_controller.rb
@ -1,5 +1,28 @@
 class AuthorsController < ApplicationController
+  before_action :ensure_admin
+  before_action :set_author, only: [:edit, :update]
+
  def index
    @authors = Author.all
  end
+
+  def edit
+    @author = Author.find(params[:id])
+  end
+
+  def update
+    if @author.update(author_params)
+      redirect_to '/authors'
+    end
+  end
+
+  private
+
+  def set_author
+    @author = Author.find(params[:id])
+  end
+
+  def author_params
+    params.require(:author).permit(:first_name, :last_name)
+  end
 end
--- a/app/controllers/books_controller.rb
+++ b/app/controllers/books_controller.rb
@ -25,12 +25,6 @@ class BooksController < ApplicationController

  private

-  def ensure_admin
-    unless current_user&.admin?
-      redirect_to '/welcome', notice: 'You are not allowed to perform this action'
-    end
-  end
-
  def set_book
    @book = BooksPresenter.new(Book.find(params[:id]))
  end
--- a/app/controllers/users_controller.rb
+++ b/app/controllers/users_controller.rb
@ -1,4 +1,10 @@
 class UsersController < ApplicationController
+  before_action :ensure_admin, only: [:destroy]
+
+  def index
+    @users = User.all
+  end
+
  def new
    @user = User.new
  end
@ -45,4 +51,9 @@ class UsersController < ApplicationController
      redirect_to '/welcome', notice: 'Recovery link expired or invalid'
    end
  end
+
+  def destroy
+    User.destroy(params[:id])
+    redirect_to '/users'
+  end
 end
--- a/app/javascript/packs/application.js
+++ b/app/javascript/packs/application.js
@ -4,6 +4,8 @@
 // that code so it'll be compiled.

 //= require materialize
+//= require jquery
+//= require jquery_ujs

 import Rails from "@rails/ujs"
 import Turbolinks from "turbolinks"
--- a/app/views/authors/edit.html.erb
+++ b/app/views/authors/edit.html.erb
@ -0,0 +1,10 @@
+<div class='container'>
+  <h4>Edit author</h4>
+  <%= form_for @author do |f|%>
+    <%= f.label :first_name %>
+    <%= f.text_field :first_name %>
+    <%= f.label :last_name %>
+    <%= f.text_field :last_name %>
+    <%= f.submit 'Save changes', class: 'btn' %>
+  <%end%>
+</div>
--- a/app/views/authors/index.html.erb
+++ b/app/views/authors/index.html.erb
@ -0,0 +1,13 @@
+<div class='container'>
+  <% @authors.each do |author| %>
+    <div class='row'>
+      <div class='col s11'>
+        <%= author.first_name %> <%= author.last_name %>
+      </div>
+
+      <div class='col s1'>
+        <%= link_to 'Edit', edit_author_path(author), class: "btn" %>
+      </div>
+    </div>
+  <% end %>
+</div>
--- a/app/views/books/edit.html.erb
+++ b/app/views/books/edit.html.erb
@ -1,14 +1,16 @@
-<h4>Edit book</h4>
-<%= form_for @book do |f|%>
-  <%= f.label :title %>
-  <%= f.text_field :title %>
-  <%= f.label :price %>
-  <%= f.number_field :price, step: 0.01 %>
-  <label>
-    <div>
-      <%= f.check_box :published, class: 'filled-in' %>
-      <span>published</span>
-    </div>
-  </label>
-  <%= f.submit 'Save changes', class: 'btn' %>
-<%end%>
+<div class='container'>
+  <h4>Edit book</h4>
+  <%= form_for @book do |f|%>
+    <%= f.label :title %>
+    <%= f.text_field :title %>
+    <%= f.label :price %>
+    <%= f.number_field :price, step: 0.01 %>
+    <label>
+      <div>
+        <%= f.check_box :published, class: 'filled-in' %>
+        <span>published</span>
+      </div>
+    </label>
+    <%= f.submit 'Save changes', class: 'btn' %>
+  <%end%>
+</div>
--- a/app/views/layouts/application.html.erb
+++ b/app/views/layouts/application.html.erb
@ -8,22 +8,40 @@

    <%= stylesheet_link_tag 'application', media: 'all', 'data-turbolinks-track': 'reload' %>
    <%= javascript_pack_tag 'application', 'data-turbolinks-track': 'reload' %>
+    <%= javascript_include_tag 'rails-ujs' %>
  </head>

  <body>
-    <%= link_to 'Home', '/welcome', method: :get%>
-    <%= link_to 'Books', '/books', method: :get%>
-    <% flash.each do |type, notice| %>
-      <div class='card-panel teal lighten-5'>
-        <% if notice.is_a? String %>
-          <%= notice %>
-        <% else %>
-          <% notice.each do |msg| %>
-            <div><%= msg %></div>
-          <% end %>
+    <div class='container'>
+      <div class='row'>
+        <div class='col s1'>
+          <%= link_to 'Home', '/welcome', method: :get%>
+        </div>
+
+        <div class='col s1'>
+          <%= link_to 'Books', '/books', method: :get%>
+        </div>
+        <% if current_user&.admin? %>
+          <div class='col s1'>
+            <%= link_to 'Authors', '/authors', method: :get%>
+          </div>
+          <div class='col s1'>
+            <%= link_to 'Users', '/users', method: :get%>
+          </div>
        <% end %>
      </div>
-    <% end %>
+      <% flash.each do |type, notice| %>
+        <div class='card-panel teal lighten-5'>
+          <% if notice.is_a? String %>
+            <%= notice %>
+          <% else %>
+            <% notice.each do |msg| %>
+              <div><%= msg %></div>
+            <% end %>
+          <% end %>
+        </div>
+      <% end %>
+    </div>
    <%= yield %>
  </body>
 </html>
--- a/app/views/sessions/new.html.erb
+++ b/app/views/sessions/new.html.erb
@ -1,9 +1,11 @@
-<h4>Login</h4>
-  <%= form_tag '/login' do %>
-  <%= label_tag :email%>
-  <%= text_field_tag :email %>
-  <%= label_tag :password%>
-  <%= password_field_tag :password%>
-  <%= submit_tag "Login", class: 'btn' %>
-<%end%>
-<%= link_to "Password recovery", '/password_recovery_request', method: :get%>
+<div class='container'>
+  <h4>Login</h4>
+    <%= form_tag '/login' do %>
+    <%= label_tag :email%>
+    <%= text_field_tag :email %>
+    <%= label_tag :password%>
+    <%= password_field_tag :password%>
+    <%= submit_tag "Login", class: 'btn' %>
+  <%end%>
+  <%= link_to "Password recovery", '/password_recovery_request', method: :get %>
+</div>
--- a/app/views/sessions/welcome.html.erb
+++ b/app/views/sessions/welcome.html.erb
@ -1,8 +1,10 @@
-<h4>Welcome</h4>
-<% if logged_in? %>
-  You are Logged In, <%= current_user.email %>
-  <%= button_to "Logout", '/logout', method: :get, class: 'btn' %>
-<% else %>
-  <%= button_to "Login", '/login', method: :get, class: 'btn' %>
-  <%= button_to "Sign Up", '/users/new', method: :get, class: 'btn' %>
-<% end %>
+<div class='container'>
+  <h4>Welcome</h4>
+  <% if logged_in? %>
+    You are Logged In, <%= current_user.email %>
+    <%= button_to "Logout", '/logout', method: :get, class: 'btn' %>
+  <% else %>
+    <%= button_to "Login", '/login', method: :get, class: 'btn' %>
+    <%= button_to "Sign Up", '/users/new', method: :get, class: 'btn' %>
+  <% end %>
+</div>
--- a/app/views/users/index.html.erb
+++ b/app/views/users/index.html.erb
@ -0,0 +1,15 @@
+<div class='container'>
+  <% @users.each do |user| %>
+    <div class='row'>
+      <div class='col s3'>
+        <%= user.email %>
+      </div>
+      <div class='col s3'>
+        <%= user.role %>
+      </div>
+      <div class='col s3'>
+        <%= link_to 'Delete', user, method: :delete, class: "btn" %>
+      </div>
+    </div>
+  <% end %>
+</div>
--- a/app/views/users/new.html.erb
+++ b/app/views/users/new.html.erb
@ -1,8 +1,10 @@
-<h4>Sign Up</h4>
-<%= form_for @user do |f|%>
-  <%= f.label :email%>
-  <%= f.text_field :email%>
-  <%= f.label :password%>
-  <%= f.password_field :password%>
-  <%= f.submit 'Sign up', class: 'btn' %>
-<%end%>
+<div class='container'>
+  <h4>Sign Up</h4>
+  <%= form_for @user do |f|%>
+    <%= f.label :email%>
+    <%= f.text_field :email%>
+    <%= f.label :password%>
+    <%= f.password_field :password%>
+    <%= f.submit 'Sign up', class: 'btn' %>
+  <%end%>
+</div>
--- a/app/views/users/password_recovery_request_form.erb
+++ b/app/views/users/password_recovery_request_form.erb
@ -1,7 +1,9 @@
-<h4>Password recovery</h4>
-Provide an email to password recovery
-<%= form_with url: "/password_recovery_request", method: :post do |f| %>
-  <%= f.label :email%><br>
-  <%= f.text_field :email %>
-  <%= f.submit 'Send email', class: 'btn' %>
-<% end %>
+<div class='container'>
+  <h4>Password recovery</h4>
+  Provide an email to password recovery
+  <%= form_with url: "/password_recovery_request", method: :post do |f| %>
+    <%= f.label :email%><br>
+    <%= f.text_field :email %>
+    <%= f.submit 'Send email', class: 'btn' %>
+  <% end %>
+</div>
--- a/app/views/users/recover_password_form.html.erb
+++ b/app/views/users/recover_password_form.html.erb
@ -1,11 +1,13 @@
-<h4>Provide new password</h4>
+<div class='container'>
+  <h4>Provide new password</h4>

-<%= form_with url: '/recover_password', method: :post do |f| %>
-  <%= f.label :password%>
-  <%= f.password_field :password %>
-  <%= f.label :password_confirmation%>
-  <%= f.password_field :password_confirmation %>
-  <%= f.hidden_field :recovery_password, :value => @recovery_password %>
-  <%= f.hidden_field :user_id, :value => @user_id %>
-  <%= f.submit 'Change password', class: 'btn' %>
-<% end %>
+  <%= form_with url: '/recover_password', method: :post do |f| %>
+    <%= f.label :password%>
+    <%= f.password_field :password %>
+    <%= f.label :password_confirmation%>
+    <%= f.password_field :password_confirmation %>
+    <%= f.hidden_field :recovery_password, :value => @recovery_password %>
+    <%= f.hidden_field :user_id, :value => @user_id %>
+    <%= f.submit 'Change password', class: 'btn' %>
+  <% end %>
+</div>
--- a/config/environments/development.rb
+++ b/config/environments/development.rb
@ -56,7 +56,8 @@ Rails.application.configure do
  # Debug mode disables concatenation and preprocessing of assets.
  # This option may cause significant delays in view rendering with a large
  # number of complex assets.
-  config.assets.debug = true
+  config.assets.debug = false
+  config.assets.check_precompiled_asset = false

  # Suppress logger output for asset requests.
  config.assets.quiet = true
--- a/config/routes.rb
+++ b/config/routes.rb
@ -1,5 +1,5 @@
 Rails.application.routes.draw do
-  resources :users, only: [:new, :create]
+  resources :users
  get 'login', to: 'sessions#new'
  get 'logout', to: 'sessions#delete'
  post 'login', to: 'sessions#create'
@ -9,4 +9,5 @@ Rails.application.routes.draw do
  get 'recover_password/:id/:recovery_password', to: 'users#recover_password_form'
  post 'recover_password', to: 'users#recover_password'
  resources :books
+  resources :authors
 end