Removed autocomplete fields from Create New User page.

2024-04-11 23:48:16 -05:00 · 2024-04-11 23:48:16 -05:00 · e7abc0fa50
parent 350ee25d7d
commit e7abc0fa50
12 changed files with 173 additions and 76 deletions
--- a/app/controllers/admin_controller.rb
+++ b/app/controllers/admin_controller.rb
@ -9,8 +9,7 @@ class AdminController < ApplicationController
  def create_user
    @user = User.new(user_params)
    if @user.save
-        # Add role to the user here if needed e.g., user.add_role :new_role
-        redirect_to admin_users_path, notice: 'User was successfully created.'
+      redirect_to some_admin_path, notice: 'User was successfully created.' # Update the redirect path as needed
    else
      render :new_user
    end
@ -20,7 +19,6 @@ class AdminController < ApplicationController

  def user_params
    params.require(:user).permit(:email, :password, :password_confirmation)
-      # Add other fields as needed
+    # Ensure you permit the right parameters
  end
 end
-  
--- a/app/controllers/users_controller.rb
+++ b/app/controllers/users_controller.rb
@ -8,6 +8,11 @@ class UsersController < ApplicationController
    @users = User.all
  end

+  def new
+    @user = User.new
+  end
+  
+
  def edit
  end

@ -31,6 +36,11 @@ class UsersController < ApplicationController
    end
  end

+  def show
+    @user = User.includes(:access_periods).find(params[:id])
+  end
+  
+
  def destroy
    @user.destroy
    redirect_to users_path, notice: 'User was successfully deleted.'
@ -47,6 +57,7 @@ class UsersController < ApplicationController
      :email, :password, :password_confirmation, :remember_me,
      :first_name, :last_name, :phone, :company, 
      :access_revoked, :access_start_date, :access_end_date,
+      access_periods_attributes: [:id, :start_date, :end_date, :destroy], 
      roles: []
    )
  end
@ -67,12 +78,14 @@ class UsersController < ApplicationController
  

  def update_user_roles(user, roles_names)
-    user.roles.delete_all # Remove existing roles if you want to reset roles on update
-    roles_names = ['user'] if roles_names.blank? # Ensure there's a default role
+    return if roles_names.blank?  # Do nothing if no roles provided
+  
+    user.roles.delete_all  # Consider keeping this if role reset is truly intended
    roles_names.each do |role_name|
-      user.add_role(role_name)
+      user.add_role(role_name) unless role_name.blank?
    end
  end
  
  
+
 end
--- a/app/models/access_period.rb
+++ b/app/models/access_period.rb
@ -0,0 +1,3 @@
+class AccessPeriod < ApplicationRecord
+  belongs_to :user
+end
--- a/app/models/user.rb
+++ b/app/models/user.rb
@ -1,9 +1,31 @@
 class User < ApplicationRecord
  rolify
  devise :database_authenticatable, :registerable, :recoverable, :rememberable, :validatable
+  has_many :access_periods, dependent: :destroy
+  accepts_nested_attributes_for :access_periods, allow_destroy: true
+  after_create :assign_default_role

+  
+  # Validation for date fields
+  validate :end_date_after_start_date, if: -> { access_revoked && access_end_date.present? }
+
+  # Override Devise method to consider access_revoked
  def active_for_authentication?
    super && !access_revoked
  end

+  private
+
+  def assign_default_role
+    self.add_role(:user) unless self.has_any_role?
+  end
+
+  def end_date_after_start_date
+    if access_start_date.present?
+      errors.add(:access_end_date, 'must be provided when access is revoked') unless access_end_date.present?
+      if access_end_date && access_end_date < access_start_date
+        errors.add(:access_end_date, 'must be after the start date')
+      end
+    end
+  end
 end
--- a/app/views/admin/new_user.html.erb
+++ b/app/views/admin/new_user.html.erb
@ -3,22 +3,42 @@
    <div class="col-md-6">
      <h2 class="mb-3 text-center">Create New User</h2>

-      <%= form_for(@user, url: admin_users_path, html: { class: 'needs-validation', novalidate: true }) do |f| %>
+      <%= form_for(@user, url: users_path, html: { class: 'needs-validation', novalidate: true }) do |f| %>
+        <div class="mb-3">
+          <%= f.label :first_name, 'First Name', class: 'form-label' %>
+          <%= f.text_field :first_name, class: 'form-control', placeholder: 'Enter first name', required: true %>
+        </div>
+      
+        <div class="mb-3">
+          <%= f.label :last_name, 'Last Name', class: 'form-label' %>
+          <%= f.text_field :last_name, class: 'form-control', placeholder: 'Enter last name', required: true %>
+        </div>
+      
        <div class="mb-3">
          <%= f.label :email, class: 'form-label' %>
-          <%= f.email_field :email, class: 'form-control', placeholder: 'Enter email', required: true %>
+          <%= f.email_field :email, class: 'form-control', placeholder: 'Enter email', required: true, autocomplete: "new-password" %>
        </div>
      
        <div class="mb-3">
-          <%= f.label :password, class: 'form-label' %>
-          <%= f.password_field :password, class: 'form-control', placeholder: 'Password', required: true %>
+          <%= f.label :password, 'Password', class: 'form-label' %>
+          <%= f.password_field :password, class: 'form-control', placeholder: 'Password', required: true, autocomplete: "new-password" %>
        </div>
      
        <div class="mb-3">
-          <%= f.label :password_confirmation, "Confirm Password", class: 'form-label' %>
+          <%= f.label :password_confirmation, 'Confirm Password', class: 'form-label' %>
          <%= f.password_field :password_confirmation, class: 'form-control', placeholder: 'Confirm Password', required: true %>
        </div>
      
+        <div class="mb-3">
+          <%= f.label :phone, 'Phone Number', class: 'form-label' %>
+          <%= f.telephone_field :phone, class: 'form-control', placeholder: 'Enter phone number' %>
+        </div>
+      
+        <div class="mb-3">
+          <%= f.label :company, 'Company', class: 'form-label' %>
+          <%= f.text_field :company, class: 'form-control', placeholder: 'Enter company name' %>
+        </div>
+      
        <div class="actions text-center">
          <%= f.submit "Create User", class: 'btn btn-dark' %>
        </div>
@ -27,6 +47,7 @@
  </div>
 </div>
      
+
 <%# This is to indicate to the User if the passwords didn't match %>
 <script>
  document.addEventListener("DOMContentLoaded", function() {
--- a/app/views/users/_form.html.erb
+++ b/app/views/users/_form.html.erb
@ -50,15 +50,34 @@
  </div>

  <%# Date fields for access control %>
+  <%= form.fields_for :access_periods do |period_form| %>
    <div class="mb-3">
-    <%= form.label :access_start_date, 'Access Start Date', class: 'form-label' %>
-    <%= form.date_field :access_start_date, class: 'form-control' %>
+      <%= period_form.label :start_date, 'Access Start Date', class: 'form-label' %>
+      <%= period_form.date_field :start_date, class: 'form-control' %>
    </div>
+    <div class="mb-3">
+      <%= period_form.label :end_date, 'Access End Date', class: 'form-label' %>
+      <%= period_form.date_field :end_date, class: 'form-control' %>
+    </div>
+  <% end %>

-  <div class="mb-3">
-    <%= form.label :access_end_date, 'Access End Date', class: 'form-label' %>
-    <%= form.date_field :access_end_date, class: 'form-control' %>
-  </div>
+  <h3>Access Periods</h3>
+  <table class="table">
+    <thead>
+      <tr>
+        <th>Access Start Date</th>
+        <th>Access End Date</th>
+      </tr>
+    </thead>
+    <tbody>
+      <% @user.access_periods.each do |period| %>
+        <tr>
+          <td><%= period.start_date %></td>
+          <td><%= period.end_date || 'Currently has access' %></td>
+        </tr>
+      <% end %>
+    </tbody>
+  </table>
  
  <%# Submit button %>
    <div class="actions">
@ -66,22 +85,3 @@
    </div>

 <% end %>
-
-
-<%# This ensures that the access end date is greyed out if user access has not been revoked %>
-<script>
-  document.addEventListener("DOMContentLoaded", function() {
-    const accessRevokedCheckbox = document.querySelector('#user_access_revoked'); // Make sure the ID matches your form field's ID
-    const accessEndDateField = document.querySelector('#user_access_end_date'); // Same here, use the actual ID
-
-    function toggleEndDateField() {
-      accessEndDateField.disabled = !accessRevokedCheckbox.checked;
-      if (!accessRevokedCheckbox.checked) {
-        accessEndDateField.value = ''; // Clear the date if access is not revoked
-      }
-    }
-
-    accessRevokedCheckbox.addEventListener('change', toggleEndDateField);
-    toggleEndDateField(); // Call on load to set initial state
-  });
-</script>
--- a/app/views/users/index.html.erb
+++ b/app/views/users/index.html.erb
@ -41,7 +41,7 @@
    <div class="col-12 d-flex justify-content-between mb-4">
      <!-- Button for Admins to add a new user -->
    <% if can?(:create, User) %> <!-- Checks if the current user has the permission to create new users -->
-      <%= link_to 'Add New User', new_admin_user_path, class: "btn btn-dark" %>
+      <%= link_to 'Add New User', new_user_admin_path, class: "btn btn-dark" %>
    <% end %>

      <%= link_to 'Back to Home', root_path, class: "btn btn-secondary" %> <!-- Adjust as needed -->
--- a/config/routes.rb
+++ b/config/routes.rb
@ -85,10 +85,11 @@ Rails.application.routes.draw do
  resources :forms
  resources :users

-  # Custom route for admin to create a new user
-  get 'admin/users/new', to: 'admin#new_user', as: :new_admin_user
-  post 'admin/users', to: 'admin#create_user', as: :admin_users
-  
+  resource :admin, controller: 'admin', only: [] do
+    get 'users/new', to: 'admin#new_user', as: 'new_user'
+    post 'users', to: 'admin#create_user', as: 'create_user'
+    # Define other routes as needed
+  end



--- a/db/migrate/20240411215819_create_access_periods.rb
+++ b/db/migrate/20240411215819_create_access_periods.rb
@ -0,0 +1,11 @@
+class CreateAccessPeriods < ActiveRecord::Migration[7.1]
+  def change
+    create_table :access_periods do |t|
+      t.date :start_date
+      t.date :end_date
+      t.references :user, null: false, foreign_key: true
+
+      t.timestamps
+    end
+  end
+end
--- a/db/schema.rb
+++ b/db/schema.rb
@ -10,7 +10,16 @@
 #
 # It's strongly recommended that you check this file into your version control system.

-ActiveRecord::Schema[7.1].define(version: 2024_04_09_215110) do
+ActiveRecord::Schema[7.1].define(version: 2024_04_11_215819) do
+  create_table "access_periods", force: :cascade do |t|
+    t.date "start_date"
+    t.date "end_date"
+    t.integer "user_id", null: false
+    t.datetime "created_at", null: false
+    t.datetime "updated_at", null: false
+    t.index ["user_id"], name: "index_access_periods_on_user_id"
+  end
+
  create_table "bank_accounts", force: :cascade do |t|
    t.string "institution_name"
    t.string "account_type"
@ -236,6 +245,7 @@ ActiveRecord::Schema[7.1].define(version: 2024_04_09_215110) do
    t.index ["ssn"], name: "index_workers_on_ssn", unique: true
  end

+  add_foreign_key "access_periods", "users"
  add_foreign_key "employer_records", "employers"
  add_foreign_key "employer_records", "participants"
  add_foreign_key "employments", "participants"
--- a/test/fixtures/access_periods.yml
+++ b/test/fixtures/access_periods.yml
@ -0,0 +1,11 @@
+# Read about fixtures at https://api.rubyonrails.org/classes/ActiveRecord/FixtureSet.html
+
+one:
+  start_date: 2024-04-11
+  end_date: 2024-04-11
+  user: one
+
+two:
+  start_date: 2024-04-11
+  end_date: 2024-04-11
+  user: two
--- a/test/models/access_period_test.rb
+++ b/test/models/access_period_test.rb
@ -0,0 +1,7 @@
+require "test_helper"
+
+class AccessPeriodTest < ActiveSupport::TestCase
+  # test "the truth" do
+  #   assert true
+  # end
+end