Class: Admin::UsersController

Inherits:
ApplicationController
  • Object
Includes:
AdminBulkActions, AdminPagination, AdminTurboTable, AuditLoggable
Defined in:
lib/generators/ruby_cms/templates/controllers/admin/users_controller.rb

Constant Summary

Constants included from AdminPagination

AdminPagination::DEFAULT_MAX_PER_PAGE, AdminPagination::DEFAULT_MIN_PER_PAGE

Instance Method Summary

Methods included from AdminTurboTable

#turbo_frame_id, #turbo_frame_request?, #turbo_redirect_to, #turbo_render_form, #turbo_render_index, #turbo_stream_replace_table, #turbo_stream_request?, #turbo_stream_update_table

Methods included from AdminPagination

#paginate_collection, #set_pagination_vars

Instance Method Details

#bulk_delete ⇒ Object



# File 'lib/generators/ruby_cms/templates/controllers/admin/users_controller.rb', line 98

# Deletes the selected users in one request and returns to the user list.
#
# Record selection, deletion and audit logging (event :user_deleted) are all
# delegated to bulk_destroy; its return value is shown as the count in the notice.
# NOTE(review): bulk_destroy is not visible here; confirm it limits the ids it
# accepts and cannot remove the acting administrator's own account.
def bulk_delete
  removed = bulk_destroy(user_class, audit: :user_deleted, target_label: "User")
  deleted_label = t('ruby_cms.admin.users.deleted')
  flash_text = "#{removed} user(s) #{deleted_label}."
  turbo_redirect_to(admin_users_path, notice: flash_text)
end

#create ⇒ Object



# File 'lib/generators/ruby_cms/templates/controllers/admin/users_controller.rb', line 77

# Creates a user from the submitted form and audits the invitation.
#
# Attribute filtering is delegated to user_params and the failure response to
# handle_create_failure; neither is visible in this listing.
def create
  user = user_class.new(user_params)
  return handle_create_failure(user) unless user.save

  # Only a successfully saved user is audited; a rejected record produces no
  # :user_created entry.
  invited_email = audit_user_email(user)
  audit!(:user_created, target: user, summary: "Invited user #{invited_email}")
  redirect_to(admin_users_path, notice: t("ruby_cms.admin.users.created"))
end

#destroy ⇒ Object



# File 'lib/generators/ruby_cms/templates/controllers/admin/users_controller.rb', line 87

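# Deletes a single user and writes a :user_deleted audit entry.
#
# The e-mail address is read before the record is destroyed and reused in the
# audit entry afterwards. When the model refuses the delete, no audit entry is
# written and the model's error messages are shown as the alert.
#
# NOTE(review): nothing in this action stops an administrator from deleting
# their own account or the last admin; confirm that the model or a filter
# (not shown) enforces that.
def destroy
  user = user_class.find(params[:id])
  email = audit_user_email(user)

  unless user.destroy
    # A refused delete must not fall back to the "deleted" success text: when the
    # model aborts without adding errors, that would tell the operator the
    # account is gone while it still exists.
    failure = user.errors.full_messages.to_sentence.presence || "User could not be deleted"
    return redirect_to(admin_users_path, alert: failure)
  end

  audit!(:user_deleted, target: "User:#{email}", summary: "Deleted user #{email}", meta: { user_id: user.id })
  redirect_to(admin_users_path, notice: t("ruby_cms.admin.users.deleted"))
end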

#destroy_sessions ⇒ Object



# File 'lib/generators/ruby_cms/templates/controllers/admin/users_controller.rb', line 69

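# Revokes every session of one user and writes a :user_sessions_revoked audit entry.
#
# The count is taken before the sessions are destroyed, so the notice and the
# audit summary report the number of sessions that existed at that moment.
# The audit summary and the notice are hard-coded Dutch text, unlike the other
# actions in this listing, which use t(...).
# NOTE(review): #show guards @user.sessions with respond_to?(:sessions); this
# action assumes the association exists.
def destroy_sessions
  user = user_class.find(params[:id])
  count = user.sessions.count
  user.sessions.destroy_all
  # Both texts below spell "beëindigd" with a proper "ë"; the mis-encoded
  # character would otherwise end up in the audit log and the flash message.
  audit!(:user_sessions_revoked, target: user, summary: "Beëindigde #{count} sessie(s) voor #{audit_user_email(user)}")
  redirect_to admin_users_path, notice: "#{count} sessie#{'s' unless count == 1} beëindigd"
end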

#index ⇒ Object

Raises:

  • (ArgumentError)


# File 'lib/generators/ruby_cms/templates/controllers/admin/users_controller.rb', line 14

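# Renders the admin user table: filter, search, sort, preload, paginate.
#
# params[:filter], params[:sort] and params[:direction] are each reduced to a
# value from a fixed list before they influence the query; raw parameter text
# is never interpolated into SQL in this method. Searching is delegated to
# apply_search_filter, which is not visible here.
#
# Raises ArgumentError when the resolved sort column is outside the allow-list,
# which is reachable if user_email_column returns a name other than
# "email_address" or "email".
def index
  base_scope = user_class.all
  @filter_counts = base_user_counts(base_scope)
  @total_users_count = @filter_counts[:all]

  # The "admin" column is treated as optional: every use of it below is skipped
  # when the user table does not have it.
  admin_column = base_scope.column_names.include?("admin")

  @current_filter = %w[all admin user active inactive].include?(params[:filter]) ? params[:filter] : "all"
  scope = base_scope
  case @current_filter
  when "admin"    then scope = scope.where(admin: true)  if admin_column
  when "user"     then scope = scope.where(admin: false) if admin_column
  when "active"   then scope = scope.where(id: active_user_ids)
  when "inactive" then scope = scope.where.not(id: active_user_ids)
  end

  scope = apply_search_filter(scope)

  @sort_column = %w[user role created].include?(params[:sort]) ? params[:sort] : "created"
  # Sorting by role orders on the "admin" column. The filters above ignore that
  # column when it is missing; fall back to the default sort here as well, so
  # ?sort=role cannot end in a database error on such a table.
  @sort_column = "created" if @sort_column == "role" && !admin_column
  @sort_direction = params[:direction] == "asc" ? "asc" : "desc"
  sort_db_column = {
    "user" => user_email_column.to_s,
    "role" => "admin",
    "created" => "created_at"
  }.fetch(@sort_column, "created_at")
  # Whitelist sort column + direction explicitly so the resulting Arel literal
  # only ever contains values from a fixed allow-list (no user input).
  raise ArgumentError, "invalid sort column" unless %w[email_address email admin created_at].include?(sort_db_column)

  direction_sql = @sort_direction == "asc" ? "ASC" : "DESC"
  scope = scope.reorder(Arel.sql("#{sort_db_column} #{direction_sql}"))

  # Preload associations the row partial touches: permissions.size + latest session.
  # Without this every rendered row issues 2 extra queries.
  preload_assocs = []
  preload_assocs << :permissions if user_class.reflect_on_association(:permissions)
  preload_assocs << :sessions    if user_class.reflect_on_association(:sessions)
  scope = scope.includes(*preload_assocs) if preload_assocs.any?

  @users = paginate_collection(scope)
  # Pending invitations are loaded in full, outside the paginated user scope.
  @pending_invitations = Invitation.pending.includes(:invited_by).order(created_at: :desc)
  @active_user_ids = active_user_ids
  @permission_total = Permission.count
  turbo_render_index
end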

#show ⇒ Object



# File 'lib/generators/ruby_cms/templates/controllers/admin/users_controller.rb', line 58

# Loads everything the user detail page displays: profile details, sessions,
# passkeys, the 30 most recent audit entries and the permission matrix.
#
# Sessions and passkeys are optional: when the user object does not respond to
# the association, an empty array is assigned instead.
def show
  @user = user_class.find(params[:id])
  @user_details = build_user_details(@user)

  @user_sessions =
    if @user.respond_to?(:sessions)
      @user.sessions.order(updated_at: :desc)
    else
      []
    end

  @user_passkeys =
    if @user.respond_to?(:passkey_credentials)
      @user.passkey_credentials.order(created_at: :desc)
    else
      []
    end

  # Activity is matched on the actor's e-mail address, not on the user id.
  # NOTE(review): if user_email_value returns nil, this condition matches audit
  # entries that have no actor_email at all; confirm that cannot happen.
  actor_email = user_email_value(@user)
  @user_activity = AuditLogEntry.where(actor_email: actor_email).order(created_at: :desc).limit(30)

  @all_permissions = Permission.order(:key)

  # Lookup from permission id to the id of the UserPermission row granting it.
  grant_rows = UserPermission.where(user: @user).pluck(:id, :permission_id)
  @user_permission_id_by_permission =
    grant_rows.each_with_object({}) do |(grant_id, permission_id), lookup|
      lookup[permission_id] = grant_id
    end
end