edit authors, delete users, UI changes

app/controllers/application_controller.rb

@@ -10,10 +10,18 @@ class ApplicationController < ActionController::Base
     !current_user.nil?
   end
 
+  protected
+
   def notices_from_errors(record)
     messages = record.errors.messages.map do |attribute, messages|
       messages.map { |message| "#{attribute} #{message}".capitalize }
     end
     messages.flatten
   end
+
+  def ensure_admin
+    unless current_user&.admin?
+      redirect_to '/welcome', notice: 'You are not allowed to perform this action'
+    end
+  end
 end

app/controllers/authors_controller.rb

@@ -1,5 +1,28 @@
 class AuthorsController < ApplicationController
+  before_action :ensure_admin
+  before_action :set_author, only: [:edit, :update]
+
   def index
     @authors = Author.all
   end
+
+  def edit
+    @author = Author.find(params[:id])
+  end
+
+  def update
+    if @author.update(author_params)
+      redirect_to '/authors'
+    end
+  end
+
+  private
+
+  def set_author
+    @author = Author.find(params[:id])
+  end
+
+  def author_params
+    params.require(:author).permit(:first_name, :last_name)
+  end
 end

app/controllers/books_controller.rb

@@ -25,12 +25,6 @@ class BooksController < ApplicationController
 
   private
 
-  def ensure_admin
-    unless current_user&.admin?
-      redirect_to '/welcome', notice: 'You are not allowed to perform this action'
-    end
-  end
-
   def set_book
     @book = BooksPresenter.new(Book.find(params[:id]))
   end

app/controllers/users_controller.rb

@@ -1,4 +1,10 @@
 class UsersController < ApplicationController
+  before_action :ensure_admin, only: [:destroy]
+
+  def index
+    @users = User.all
+  end
+
   def new
     @user = User.new
   end
@@ -45,4 +51,9 @@ class UsersController < ApplicationController
       redirect_to '/welcome', notice: 'Recovery link expired or invalid'
     end
   end
+
+  def destroy
+    User.destroy(params[:id])
+    redirect_to '/users'
+  end
 end

app/javascript/packs/application.js

@@ -4,6 +4,8 @@
 // that code so it'll be compiled.
 
 //= require materialize
+//= require jquery
+//= require jquery_ujs
 
 import Rails from "@rails/ujs"
 import Turbolinks from "turbolinks"

app/views/authors/edit.html.erb

@@ -0,0 +1,10 @@
+<div class='container'>
+  <h4>Edit author</h4>
+  <%= form_for @author do |f|%>
+    <%= f.label :first_name %>
+    <%= f.text_field :first_name %>
+    <%= f.label :last_name %>
+    <%= f.text_field :last_name %>
+    <%= f.submit 'Save changes', class: 'btn' %>
+  <%end%>
+</div>

app/views/authors/index.html.erb

@@ -0,0 +1,13 @@
+<div class='container'>
+  <% @authors.each do |author| %>
+    <div class='row'>
+      <div class='col s11'>
+        <%= author.first_name %> <%= author.last_name %>
+      </div>
+
+      <div class='col s1'>
+        <%= link_to 'Edit', edit_author_path(author), class: "btn" %>
+      </div>
+    </div>
+  <% end %>
+</div>

app/views/books/edit.html.erb

@@ -1,14 +1,16 @@
-<h4>Edit book</h4>
-<%= form_for @book do |f|%>
-  <%= f.label :title %>
-  <%= f.text_field :title %>
-  <%= f.label :price %>
-  <%= f.number_field :price, step: 0.01 %>
-  <label>
-    <div>
-      <%= f.check_box :published, class: 'filled-in' %>
-      <span>published</span>
-    </div>
-  </label>
-  <%= f.submit 'Save changes', class: 'btn' %>
-<%end%>
+<div class='container'>
+  <h4>Edit book</h4>
+  <%= form_for @book do |f|%>
+    <%= f.label :title %>
+    <%= f.text_field :title %>
+    <%= f.label :price %>
+    <%= f.number_field :price, step: 0.01 %>
+    <label>
+      <div>
+        <%= f.check_box :published, class: 'filled-in' %>
+        <span>published</span>
+      </div>
+    </label>
+    <%= f.submit 'Save changes', class: 'btn' %>
+  <%end%>
+</div>

app/views/layouts/application.html.erb

@@ -8,22 +8,40 @@
 
     <%= stylesheet_link_tag 'application', media: 'all', 'data-turbolinks-track': 'reload' %>
     <%= javascript_pack_tag 'application', 'data-turbolinks-track': 'reload' %>
+    <%= javascript_include_tag 'rails-ujs' %>
   </head>
 
   <body>
-    <%= link_to 'Home', '/welcome', method: :get%>
-    <%= link_to 'Books', '/books', method: :get%>
-    <% flash.each do |type, notice| %>
-      <div class='card-panel teal lighten-5'>
-        <% if notice.is_a? String %>
-          <%= notice %>
-        <% else %>
-          <% notice.each do |msg| %>
-            <div><%= msg %></div>
-          <% end %>
+    <div class='container'>
+      <div class='row'>
+        <div class='col s1'>
+          <%= link_to 'Home', '/welcome', method: :get%>
+        </div>
+
+        <div class='col s1'>
+          <%= link_to 'Books', '/books', method: :get%>
+        </div>
+        <% if current_user&.admin? %>
+          <div class='col s1'>
+            <%= link_to 'Authors', '/authors', method: :get%>
+          </div>
+          <div class='col s1'>
+            <%= link_to 'Users', '/users', method: :get%>
+          </div>
         <% end %>
       </div>
-    <% end %>
+      <% flash.each do |type, notice| %>
+        <div class='card-panel teal lighten-5'>
+          <% if notice.is_a? String %>
+            <%= notice %>
+          <% else %>
+            <% notice.each do |msg| %>
+              <div><%= msg %></div>
+            <% end %>
+          <% end %>
+        </div>
+      <% end %>
+    </div>
     <%= yield %>
   </body>
 </html>

app/views/sessions/new.html.erb

@@ -1,9 +1,11 @@
-<h4>Login</h4>
-  <%= form_tag '/login' do %>
-  <%= label_tag :email%>
-  <%= text_field_tag :email %>
-  <%= label_tag :password%>
-  <%= password_field_tag :password%>
-  <%= submit_tag "Login", class: 'btn' %>
-<%end%>
-<%= link_to "Password recovery", '/password_recovery_request', method: :get%>
+<div class='container'>
+  <h4>Login</h4>
+    <%= form_tag '/login' do %>
+    <%= label_tag :email%>
+    <%= text_field_tag :email %>
+    <%= label_tag :password%>
+    <%= password_field_tag :password%>
+    <%= submit_tag "Login", class: 'btn' %>
+  <%end%>
+  <%= link_to "Password recovery", '/password_recovery_request', method: :get %>
+</div>

app/views/sessions/welcome.html.erb

@@ -1,8 +1,10 @@
-<h4>Welcome</h4>
-<% if logged_in? %>
-  You are Logged In, <%= current_user.email %>
-  <%= button_to "Logout", '/logout', method: :get, class: 'btn' %>
-<% else %>
-  <%= button_to "Login", '/login', method: :get, class: 'btn' %>
-  <%= button_to "Sign Up", '/users/new', method: :get, class: 'btn' %>
-<% end %>
+<div class='container'>
+  <h4>Welcome</h4>
+  <% if logged_in? %>
+    You are Logged In, <%= current_user.email %>
+    <%= button_to "Logout", '/logout', method: :get, class: 'btn' %>
+  <% else %>
+    <%= button_to "Login", '/login', method: :get, class: 'btn' %>
+    <%= button_to "Sign Up", '/users/new', method: :get, class: 'btn' %>
+  <% end %>
+</div>

app/views/users/index.html.erb

@@ -0,0 +1,15 @@
+<div class='container'>
+  <% @users.each do |user| %>
+    <div class='row'>
+      <div class='col s3'>
+        <%= user.email %>
+      </div>
+      <div class='col s3'>
+        <%= user.role %>
+      </div>
+      <div class='col s3'>
+        <%= link_to 'Delete', user, method: :delete, class: "btn" %>
+      </div>
+    </div>
+  <% end %>
+</div>

app/views/users/new.html.erb

@@ -1,8 +1,10 @@
-<h4>Sign Up</h4>
-<%= form_for @user do |f|%>
-  <%= f.label :email%>
-  <%= f.text_field :email%>
-  <%= f.label :password%>
-  <%= f.password_field :password%>
-  <%= f.submit 'Sign up', class: 'btn' %>
-<%end%>
+<div class='container'>
+  <h4>Sign Up</h4>
+  <%= form_for @user do |f|%>
+    <%= f.label :email%>
+    <%= f.text_field :email%>
+    <%= f.label :password%>
+    <%= f.password_field :password%>
+    <%= f.submit 'Sign up', class: 'btn' %>
+  <%end%>
+</div>

app/views/users/password_recovery_request_form.erb

@@ -1,7 +1,9 @@
-<h4>Password recovery</h4>
-Provide an email to password recovery
-<%= form_with url: "/password_recovery_request", method: :post do |f| %>
-  <%= f.label :email%><br>
-  <%= f.text_field :email %>
-  <%= f.submit 'Send email', class: 'btn' %>
-<% end %>
+<div class='container'>
+  <h4>Password recovery</h4>
+  Provide an email to password recovery
+  <%= form_with url: "/password_recovery_request", method: :post do |f| %>
+    <%= f.label :email%><br>
+    <%= f.text_field :email %>
+    <%= f.submit 'Send email', class: 'btn' %>
+  <% end %>
+</div>

app/views/users/recover_password_form.html.erb

@@ -1,11 +1,13 @@
-<h4>Provide new password</h4>
+<div class='container'>
+  <h4>Provide new password</h4>
 
-<%= form_with url: '/recover_password', method: :post do |f| %>
-  <%= f.label :password%>
-  <%= f.password_field :password %>
-  <%= f.label :password_confirmation%>
-  <%= f.password_field :password_confirmation %>
-  <%= f.hidden_field :recovery_password, :value => @recovery_password %>
-  <%= f.hidden_field :user_id, :value => @user_id %>
-  <%= f.submit 'Change password', class: 'btn' %>
-<% end %>
+  <%= form_with url: '/recover_password', method: :post do |f| %>
+    <%= f.label :password%>
+    <%= f.password_field :password %>
+    <%= f.label :password_confirmation%>
+    <%= f.password_field :password_confirmation %>
+    <%= f.hidden_field :recovery_password, :value => @recovery_password %>
+    <%= f.hidden_field :user_id, :value => @user_id %>
+    <%= f.submit 'Change password', class: 'btn' %>
+  <% end %>
+</div>