account management is ready

app/controllers/accounts_controller.rb

@@ -0,0 +1,78 @@
+class AccountsController < ApplicationController
+  before_action :set_user, only: [:show, :edit, :update, :destroy]
+  before_action :admin?
+
+  def index
+    @users = User.all
+  end
+
+  def show
+  end
+
+  def new
+    @user = User.new
+  end
+
+  def edit
+    if @user.is_admin?
+      redirect_to users_path, notice: 'Admins are not editable by other admins.'
+    end
+  end
+
+  def create
+    @user = User.new(user_params)
+
+    respond_to do |format|
+      if @user.save
+        format.html { redirect_to @user, notice: 'User was successfully created.' }
+        format.json { render action: 'show', status: :created, location: @user }
+      else
+        format.html { render action: 'new' }
+        format.json { render json: @user.errors, status: :unprocessable_entity }
+      end
+    end
+  end
+
+  def update
+     password = params[:user][:current_password]
+     params[:user].delete(:current_password)
+     respond_to do |format|
+       if @user.update(user_params)
+         format.html { redirect_to @user, notice: 'User was successfully updated.' }
+         format.json { head :no_content }
+       else
+         format.html { render action: 'edit', notice: @user.errors }
+         format.json { render json: @user.errors, status: :unprocessable_entity }
+       end
+    end
+  end
+
+  # DELETE /users/1
+  # DELETE /users/1.json
+  def destroy
+    @user.destroy
+    respond_to do |format|
+      format.html { redirect_to users_url }
+      format.json { head :no_content }
+    end
+  end
+
+  private
+  # Use callbacks to share common setup or constraints between actions.
+  def set_user
+    @user = User.find(params[:id])
+  end
+
+  # Never trust parameters from the scary internet, only allow the white list through.
+  def user_params
+    params.require(:user).permit(:email, :password, :password_confirmation, :current_password)
+  end
+
+
+  def admin?
+    if current_admin.nil?
+      redirect_to new_admin_session_path, notice: 'Please login as an Admin.'
+    end
+
+  end
+end

app/models/user.rb

@@ -21,5 +21,8 @@ class User < ActiveRecord::Base
     end
   end
 
+  def is_admin?
+    Admin.exists?(email: self.email)
+  end
 
 end

app/views/accounts/edit.html.erb

@@ -0,0 +1,19 @@
+<h2>Edit <%= @user.email %></h2>
+
+<%= simple_form_for(@user, url: user_path(@user), html: { method: :put }) do |f| %>
+    <%= f.error_notification %>
+
+    <div class="form-inputs">
+      <%= f.input :email, required: true, autofocus: true %>
+
+      <%= f.input :password, autocomplete: "off", hint: "leave it blank if you don't want to change it", required: false %>
+      <%= f.input :password_confirmation, required: false %>
+    </div>
+
+    <div class="form-actions">
+      <%= f.button :submit, "Update" %>
+    </div>
+<% end %>
+
+
+<%= link_to "Back", :back %>

app/views/accounts/index.html.erb

@@ -0,0 +1,24 @@
+<h1>Users</h1>
+<hr>
+<p>To edit your own user, use the Profile Option.</p>
+<table class="table table-striped">
+  <thead>
+  <tr>
+    <th>Email</th>
+    <th></th>
+    <th></th>
+  </tr>
+  </thead>
+  <tbody>
+  <% @users.each do |user| %>
+      <% next if user.is_admin? %>
+      <% next if user.equal?(current_user) %>
+      <tr>
+        <td><%= link_to user.email, user %></td>
+        <td><%= link_to 'Edit', edit_user_path(user) %></td>
+        <td><%= link_to 'Destroy', user_path(user), method: :delete, data: { confirm: 'Are you sure?' } %></td>
+      </tr>
+  <% end %>
+  </tbody>
+</table>
+<%= link_to 'New user', new_user_path unless Rails.env.production? %>

app/views/accounts/new.html.erb

@@ -0,0 +1,15 @@
+<h1>New User</h1>
+<%= simple_form_for(@user, url: users_path) do |f| %>
+    <%= f.error_notification %>
+
+    <div class="form-inputs">
+      <%= f.input :email, required: true, autofocus: true %>
+
+      <%= f.input :password, autocomplete: "off", hint: "leave it blank if you don't want to change it", required: false %>
+      <%= f.input :password_confirmation, required: false %>
+    </div>
+
+    <div class="form-actions">
+      <%= f.button :submit, "Update" %>
+    </div>
+<% end %>

app/views/accounts/show.html.erb

@@ -0,0 +1 @@
+<h1><%= @user.email %></h1>

app/views/campaigns/index.html.erb

@@ -27,7 +27,7 @@
         <td><%= campaign.state %></td>
         <td><%= campaign.zip %></td>
         <td><%= link_to 'Edit', edit_campaign_path(campaign.listingcode) unless campaign.sent %></td>
-        <td><%= link_to 'Destroy', campaign_path(campaign.listingcode), method: :delete, data: { confirm: 'Are you sure?' } %></td>
+        <td><%= link_to 'Destroy', campaign_path(campaign.listingcode), method: :delete, data: { confirm: 'Are you sure?' } if admin_signed_in? %></td>
       </tr>
     <% end %>
   </tbody>

app/views/layouts/_header.html.erb

@@ -11,6 +11,13 @@
     </div>
     <div class="navbar-collapse collapse">
       <ul class="nav navbar-nav navbar-right">
+        <% if admin_signed_in? %>
+            <li><%= link_to "Edit Users", users_path %></li>
+        <% else %>
+            <% if user_signed_in? %>
+              <li><%= link_to "Login as Admin", new_admin_session_path %></li>
+            <% end %>
+        <% end %>
         <% if user_signed_in? %>
             <li><%= link_to "Profile", edit_user_registration_path %></li>
             <li><%= link_to "Logout", destroy_user_session_path, :method => :delete %></li>

config/routes.rb

@@ -1,10 +1,8 @@
 Vidpush::Application.routes.draw do
+  resources :users, :controller => "accounts", path: "accounts"
+
   devise_for :admins
-  if Rails.env.production?
-    devise_for :users, :controllers => {registrations: "registrations"}
-  else
   devise_for :users
-  end
 
   root to: "campaigns#index"
 

db/schema.rb

@@ -81,7 +81,7 @@ ActiveRecord::Schema.define(version: 20140505153412) do
 
   add_index "delayed_jobs", ["priority", "run_at"], name: "delayed_jobs_priority", using: :btree
 
-  create_table "users", force: true do |t|
+  create_table "accounts", force: true do |t|
     t.datetime "created_at"
     t.datetime "updated_at"
     t.string   "email",                  default: "", null: false