app/controllers/admin/users_controller.rb
class Admin::UsersController < ApplicationController
before_action :set_user, only: %i[edit update destroy enrollment]
# GET /admin/users
def index
@users = policy_scope(User).order(:name).map do |user|
Admin::UserPresenter.new(user)
end
end
# GET /admin/users/1/edit
def edit; end
# PATCH/PUT /admin/users/1
def update
if @user.update(user_params)
redirect_to admin_users_path, notice: 'User was successfully updated.'
else
render :edit
end
end
# DELETE /admin/users/1
def destroy
@user.enrollments.where(team: current_team).destroy_all
redirect_to admin_users_path, notice: 'User was successfully destroyed.'
end
# PATCH /admin/users/1/enrollment
def enrollment
@enrollment = @user.enrollments.where(team: current_team).first
if @enrollment.update(is_admin: params[:is_admin])
redirect_to admin_users_path, notice: 'User was successfully updated.'
else
render :edit
end
end
private
# Use callbacks to share common setup or constraints between actions.
def set_user
@user = policy_scope(User).includes(:projects).find(params[:id])
authorize @user
end
# Only allow a trusted parameter "white list" through.
def user_params
params.fetch(:user, {}).permit(:email, :name, :initials)
end
end