Fixed user role changes and admin access to the proper header tabs.

2024-04-26 15:38:09 -05:00 · 2024-04-26 15:38:09 -05:00 · 1460df687f
parent 6d03d80a31
commit 1460df687f
3 changed files with 16 additions and 5 deletions
--- a/app/controllers/users_controller.rb
+++ b/app/controllers/users_controller.rb
@ -105,11 +105,15 @@ class UsersController < ApplicationController
  

  def update_user_roles(user, roles_names)
-    return if roles_names.blank?  # Do nothing if no roles provided
-    roles_names.each do |role_name|
-      user.add_role(role_name) unless role_name.blank?
-    end
+    # Assume roles_names should only contain one role at most
+    new_role = roles_names.reject(&:blank?).uniq.first  # Take the first valid role name
+  
+    # Clear all roles and set the new one
+    user.roles.delete_all
+    user.add_role(new_role) if new_role
  end
+  
+  

  def handle_access_revocation
    if params[:user][:access_revoked] == "1"
--- a/app/models/user.rb
+++ b/app/models/user.rb
@ -6,6 +6,9 @@ class User < ApplicationRecord
  after_create :assign_default_role

  validate :password_complexity
+
+  # Callback to update the admin attribute based on Rolify role
+  before_save :update_admin_attribute
  
  # Validation for date fields
  validate :end_date_after_start_date, if: -> { access_revoked && access_end_date.present? }
@ -26,6 +29,10 @@ class User < ApplicationRecord
    errors.add :password, 'Complexity requirement not met. Length should be 8 characters and include: 1 uppercase, 1 lowercase, and 1 digit'
  end

+  def update_admin_attribute
+    self.admin = has_role?(:admin)
+  end
+
  def end_date_after_start_date
    if access_start_date.present?
      errors.add(:access_end_date, 'must be provided when access is revoked') unless access_end_date.present?
--- a/app/views/layouts/_navbar.html.erb
+++ b/app/views/layouts/_navbar.html.erb
@ -21,7 +21,7 @@
        </li>

        <!-- Admin Dropdown Menu -->
-        <% if user_signed_in? && current_user.admin? %>
+        <% if user_signed_in? && current_user.has_role?(:admin) %>
          <li class="nav-item dropdown">
            <%= link_to 'Admin', '#', class: 'nav-link dropdown-toggle', id: 'adminDropdown', role: 'button', data: { bs_toggle: 'dropdown' }, aria: { haspopup: 'true', expanded: 'false' } %>
            <ul class="dropdown-menu" aria-labelledby="adminDropdown">