edit authors, delete users, UI changes

2021-03-21 22:31:58 +01:00 · 2021-03-21 22:31:58 +01:00 · ccb6e23960
commit ccb6e23960
parent e36cc36947
19 changed files with 190 additions and 75 deletions
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@ -10,10 +10,18 @@ class ApplicationController < ActionController::Base
    !current_user.nil?
  end

+  protected
+
  def notices_from_errors(record)
    messages = record.errors.messages.map do |attribute, messages|
      messages.map { |message| "#{attribute} #{message}".capitalize }
    end
    messages.flatten
  end
+
+  def ensure_admin
+    unless current_user&.admin?
+      redirect_to '/welcome', notice: 'You are not allowed to perform this action'
+    end
+  end
 end
--- a/app/controllers/authors_controller.rb
+++ b/app/controllers/authors_controller.rb
@ -1,5 +1,28 @@
 class AuthorsController < ApplicationController
+  before_action :ensure_admin
+  before_action :set_author, only: [:edit, :update]
+
  def index
    @authors = Author.all
  end
+
+  def edit
+    @author = Author.find(params[:id])
+  end
+
+  def update
+    if @author.update(author_params)
+      redirect_to '/authors'
+    end
+  end
+
+  private
+
+  def set_author
+    @author = Author.find(params[:id])
+  end
+
+  def author_params
+    params.require(:author).permit(:first_name, :last_name)
+  end
 end
--- a/app/controllers/books_controller.rb
+++ b/app/controllers/books_controller.rb
@ -25,12 +25,6 @@ class BooksController < ApplicationController

  private

-  def ensure_admin
-    unless current_user&.admin?
-      redirect_to '/welcome', notice: 'You are not allowed to perform this action'
-    end
-  end
-
  def set_book
    @book = BooksPresenter.new(Book.find(params[:id]))
  end
--- a/app/controllers/users_controller.rb
+++ b/app/controllers/users_controller.rb
@ -1,4 +1,10 @@
 class UsersController < ApplicationController
+  before_action :ensure_admin, only: [:destroy]
+
+  def index
+    @users = User.all
+  end
+
  def new
    @user = User.new
  end
@ -45,4 +51,9 @@ class UsersController < ApplicationController
      redirect_to '/welcome', notice: 'Recovery link expired or invalid'
    end
  end
+
+  def destroy
+    User.destroy(params[:id])
+    redirect_to '/users'
+  end
 end