Removed autocomplete fields from Create New User page.

app/controllers/admin_controller.rb

@@ -1,26 +1,24 @@
 class AdminController < ApplicationController
-    before_action :authenticate_user!
-    load_and_authorize_resource class: User
-  
-    def new_user
-      @user = User.new
-    end
-  
-    def create_user
-      @user = User.new(user_params)
-      if @user.save
-        # Add role to the user here if needed e.g., user.add_role :new_role
-        redirect_to admin_users_path, notice: 'User was successfully created.'
-      else
-        render :new_user
-      end
-    end
-  
-    private
-  
-    def user_params
-      params.require(:user).permit(:email, :password, :password_confirmation)
-      # Add other fields as needed
+  before_action :authenticate_user!
+  load_and_authorize_resource class: User
+
+  def new_user
+    @user = User.new
+  end
+
+  def create_user
+    @user = User.new(user_params)
+    if @user.save
+      redirect_to some_admin_path, notice: 'User was successfully created.' # Update the redirect path as needed
+    else
+      render :new_user
     end
   end
-  
+
+  private
+
+  def user_params
+    params.require(:user).permit(:email, :password, :password_confirmation)
+    # Ensure you permit the right parameters
+  end
+end

app/controllers/users_controller.rb

@@ -8,6 +8,11 @@ class UsersController < ApplicationController
     @users = User.all
   end
 
+  def new
+    @user = User.new
+  end
+  
+
   def edit
   end
 
@@ -31,6 +36,11 @@ class UsersController < ApplicationController
     end
   end
 
+  def show
+    @user = User.includes(:access_periods).find(params[:id])
+  end
+  
+
   def destroy
     @user.destroy
     redirect_to users_path, notice: 'User was successfully deleted.'
@@ -46,7 +56,8 @@ class UsersController < ApplicationController
     params.require(:user).permit(
       :email, :password, :password_confirmation, :remember_me,
       :first_name, :last_name, :phone, :company, 
-      :access_revoked, :access_start_date, :access_end_date, 
+      :access_revoked, :access_start_date, :access_end_date,
+      access_periods_attributes: [:id, :start_date, :end_date, :destroy], 
       roles: []
     )
   end
@@ -67,12 +78,14 @@ class UsersController < ApplicationController
   
 
   def update_user_roles(user, roles_names)
-    user.roles.delete_all # Remove existing roles if you want to reset roles on update
-    roles_names = ['user'] if roles_names.blank? # Ensure there's a default role
+    return if roles_names.blank?  # Do nothing if no roles provided
+  
+    user.roles.delete_all  # Consider keeping this if role reset is truly intended
     roles_names.each do |role_name|
-      user.add_role(role_name)
+      user.add_role(role_name) unless role_name.blank?
     end
   end
   
+  
 
 end

app/models/access_period.rb

@@ -0,0 +1,3 @@
+class AccessPeriod < ApplicationRecord
+  belongs_to :user
+end

app/models/user.rb

@@ -1,9 +1,31 @@
 class User < ApplicationRecord
   rolify
   devise :database_authenticatable, :registerable, :recoverable, :rememberable, :validatable
+  has_many :access_periods, dependent: :destroy
+  accepts_nested_attributes_for :access_periods, allow_destroy: true
+  after_create :assign_default_role
 
+  
+  # Validation for date fields
+  validate :end_date_after_start_date, if: -> { access_revoked && access_end_date.present? }
+
+  # Override Devise method to consider access_revoked
   def active_for_authentication?
     super && !access_revoked
   end
-  
-end
+
+  private
+
+  def assign_default_role
+    self.add_role(:user) unless self.has_any_role?
+  end
+
+  def end_date_after_start_date
+    if access_start_date.present?
+      errors.add(:access_end_date, 'must be provided when access is revoked') unless access_end_date.present?
+      if access_end_date && access_end_date < access_start_date
+        errors.add(:access_end_date, 'must be after the start date')
+      end
+    end
+  end
+end

app/views/admin/new_user.html.erb

@@ -3,22 +3,42 @@
     <div class="col-md-6">
       <h2 class="mb-3 text-center">Create New User</h2>
 
-      <%= form_for(@user, url: admin_users_path, html: { class: 'needs-validation', novalidate: true }) do |f| %>
+      <%= form_for(@user, url: users_path, html: { class: 'needs-validation', novalidate: true }) do |f| %>
+        <div class="mb-3">
+          <%= f.label :first_name, 'First Name', class: 'form-label' %>
+          <%= f.text_field :first_name, class: 'form-control', placeholder: 'Enter first name', required: true %>
+        </div>
+      
+        <div class="mb-3">
+          <%= f.label :last_name, 'Last Name', class: 'form-label' %>
+          <%= f.text_field :last_name, class: 'form-control', placeholder: 'Enter last name', required: true %>
+        </div>
+      
         <div class="mb-3">
           <%= f.label :email, class: 'form-label' %>
-          <%= f.email_field :email, class: 'form-control', placeholder: 'Enter email', required: true %>
+          <%= f.email_field :email, class: 'form-control', placeholder: 'Enter email', required: true, autocomplete: "new-password" %>
         </div>
-
+      
         <div class="mb-3">
-          <%= f.label :password, class: 'form-label' %>
-          <%= f.password_field :password, class: 'form-control', placeholder: 'Password', required: true %>
+          <%= f.label :password, 'Password', class: 'form-label' %>
+          <%= f.password_field :password, class: 'form-control', placeholder: 'Password', required: true, autocomplete: "new-password" %>
         </div>
-
+      
         <div class="mb-3">
-          <%= f.label :password_confirmation, "Confirm Password", class: 'form-label' %>
+          <%= f.label :password_confirmation, 'Confirm Password', class: 'form-label' %>
           <%= f.password_field :password_confirmation, class: 'form-control', placeholder: 'Confirm Password', required: true %>
         </div>
-
+      
+        <div class="mb-3">
+          <%= f.label :phone, 'Phone Number', class: 'form-label' %>
+          <%= f.telephone_field :phone, class: 'form-control', placeholder: 'Enter phone number' %>
+        </div>
+      
+        <div class="mb-3">
+          <%= f.label :company, 'Company', class: 'form-label' %>
+          <%= f.text_field :company, class: 'form-control', placeholder: 'Enter company name' %>
+        </div>
+      
         <div class="actions text-center">
           <%= f.submit "Create User", class: 'btn btn-dark' %>
         </div>
@@ -26,6 +46,7 @@
     </div>
   </div>
 </div>
+      
 
 <%# This is to indicate to the User if the passwords didn't match %>
 <script>

app/views/users/_form.html.erb

@@ -50,38 +50,38 @@
   </div>
 
   <%# Date fields for access control %>
-  <div class="mb-3">
-    <%= form.label :access_start_date, 'Access Start Date', class: 'form-label' %>
-    <%= form.date_field :access_start_date, class: 'form-control' %>
-  </div>
-
-  <div class="mb-3">
-    <%= form.label :access_end_date, 'Access End Date', class: 'form-label' %>
-    <%= form.date_field :access_end_date, class: 'form-control' %>
-  </div>
+  <%= form.fields_for :access_periods do |period_form| %>
+    <div class="mb-3">
+      <%= period_form.label :start_date, 'Access Start Date', class: 'form-label' %>
+      <%= period_form.date_field :start_date, class: 'form-control' %>
+    </div>
+    <div class="mb-3">
+      <%= period_form.label :end_date, 'Access End Date', class: 'form-label' %>
+      <%= period_form.date_field :end_date, class: 'form-control' %>
+    </div>
+  <% end %>
 
+  <h3>Access Periods</h3>
+  <table class="table">
+    <thead>
+      <tr>
+        <th>Access Start Date</th>
+        <th>Access End Date</th>
+      </tr>
+    </thead>
+    <tbody>
+      <% @user.access_periods.each do |period| %>
+        <tr>
+          <td><%= period.start_date %></td>
+          <td><%= period.end_date || 'Currently has access' %></td>
+        </tr>
+      <% end %>
+    </tbody>
+  </table>
+  
   <%# Submit button %>
-  <div class="actions">
-    <%= form.submit 'Save', class: 'btn btn-dark' %>
-  </div>
+    <div class="actions">
+      <%= form.submit 'Save', class: 'btn btn-dark' %>
+    </div>
 
-<% end %>
-
-
-<%# This ensures that the access end date is greyed out if user access has not been revoked %>
-<script>
-  document.addEventListener("DOMContentLoaded", function() {
-    const accessRevokedCheckbox = document.querySelector('#user_access_revoked'); // Make sure the ID matches your form field's ID
-    const accessEndDateField = document.querySelector('#user_access_end_date'); // Same here, use the actual ID
-
-    function toggleEndDateField() {
-      accessEndDateField.disabled = !accessRevokedCheckbox.checked;
-      if (!accessRevokedCheckbox.checked) {
-        accessEndDateField.value = ''; // Clear the date if access is not revoked
-      }
-    }
-
-    accessRevokedCheckbox.addEventListener('change', toggleEndDateField);
-    toggleEndDateField(); // Call on load to set initial state
-  });
-</script>
+<% end %>

app/views/users/index.html.erb

@@ -41,7 +41,7 @@
     <div class="col-12 d-flex justify-content-between mb-4">
       <!-- Button for Admins to add a new user -->
     <% if can?(:create, User) %> <!-- Checks if the current user has the permission to create new users -->
-      <%= link_to 'Add New User', new_admin_user_path, class: "btn btn-dark" %>
+      <%= link_to 'Add New User', new_user_admin_path, class: "btn btn-dark" %>
     <% end %>
 
       <%= link_to 'Back to Home', root_path, class: "btn btn-secondary" %> <!-- Adjust as needed -->

config/routes.rb

@@ -85,12 +85,13 @@ Rails.application.routes.draw do
   resources :forms
   resources :users
 
-  # Custom route for admin to create a new user
-  get 'admin/users/new', to: 'admin#new_user', as: :new_admin_user
-  post 'admin/users', to: 'admin#create_user', as: :admin_users
-  
+  resource :admin, controller: 'admin', only: [] do
+    get 'users/new', to: 'admin#new_user', as: 'new_user'
+    post 'users', to: 'admin#create_user', as: 'create_user'
+    # Define other routes as needed
+  end
+
 
-  
 
   get 'home/index'
   # Define your application routes per the DSL in https://guides.rubyonrails.org/routing.html

db/migrate/20240411215819_create_access_periods.rb

@@ -0,0 +1,11 @@
+class CreateAccessPeriods < ActiveRecord::Migration[7.1]
+  def change
+    create_table :access_periods do |t|
+      t.date :start_date
+      t.date :end_date
+      t.references :user, null: false, foreign_key: true
+
+      t.timestamps
+    end
+  end
+end

db/schema.rb

@@ -10,7 +10,16 @@
 #
 # It's strongly recommended that you check this file into your version control system.
 
-ActiveRecord::Schema[7.1].define(version: 2024_04_09_215110) do
+ActiveRecord::Schema[7.1].define(version: 2024_04_11_215819) do
+  create_table "access_periods", force: :cascade do |t|
+    t.date "start_date"
+    t.date "end_date"
+    t.integer "user_id", null: false
+    t.datetime "created_at", null: false
+    t.datetime "updated_at", null: false
+    t.index ["user_id"], name: "index_access_periods_on_user_id"
+  end
+
   create_table "bank_accounts", force: :cascade do |t|
     t.string "institution_name"
     t.string "account_type"
@@ -236,6 +245,7 @@ ActiveRecord::Schema[7.1].define(version: 2024_04_09_215110) do
     t.index ["ssn"], name: "index_workers_on_ssn", unique: true
   end
 
+  add_foreign_key "access_periods", "users"
   add_foreign_key "employer_records", "employers"
   add_foreign_key "employer_records", "participants"
   add_foreign_key "employments", "participants"

test/fixtures/access_periods.yml

@@ -0,0 +1,11 @@
+# Read about fixtures at https://api.rubyonrails.org/classes/ActiveRecord/FixtureSet.html
+
+one:
+  start_date: 2024-04-11
+  end_date: 2024-04-11
+  user: one
+
+two:
+  start_date: 2024-04-11
+  end_date: 2024-04-11
+  user: two

test/models/access_period_test.rb

@@ -0,0 +1,7 @@
+require "test_helper"
+
+class AccessPeriodTest < ActiveSupport::TestCase
+  # test "the truth" do
+  #   assert true
+  # end
+end