Finish user edit, update, index, and destroy action

Author: khin-alu

Gemfile

@@ -6,6 +6,8 @@ ruby "3.4.3"
 gem "rails", "8.0.2"
 gem "jsbundling-rails", "1.3.1"
 gem "bcrypt", "3.1.13"
+gem "faker", "3.5.2"
+gem "will_paginate", "4.0.1"
 gem "cssbundling-rails", "1.4.3"
 gem "propshaft", "1.2.1"
 gem "importmap-rails", "2.1.0"

Gemfile.lock

@@ -108,6 +108,8 @@ GEM
     ed25519 (1.4.0)
     erb (5.0.2)
     erubi (1.13.1)
+    faker (3.5.2)
+      i18n (>= 1.8.11, < 2)
     ffi (1.17.2-aarch64-linux-gnu)
     ffi (1.17.2-aarch64-linux-musl)
     ffi (1.17.2-arm-linux-gnu)
@@ -336,6 +338,7 @@ GEM
       base64
       websocket-extensions (>= 0.1.0)
     websocket-extensions (0.1.5)
+    will_paginate (4.0.1)
     xpath (3.2.0)
       nokogiri (~> 1.8)
     zeitwerk (2.7.3)
@@ -355,6 +358,7 @@ DEPENDENCIES
   capybara (= 3.40.0)
   cssbundling-rails (= 1.4.3)
   debug (= 1.11.0)
+  faker (= 3.5.2)
   guard (= 2.19.1)
   guard-minitest (= 2.4.6)
   importmap-rails (= 2.1.0)
@@ -376,6 +380,7 @@ DEPENDENCIES
   tzinfo-data (= 1.2025.2)
   web-console (= 4.2.1)
   webdrivers (= 5.3.1)
+  will_paginate (= 4.0.1)
 
 RUBY VERSION
    ruby 3.4.3p32

app/assets/stylesheets/application.bootstrap.scss

@@ -204,3 +204,14 @@ input {
   width: auto;
   margin-left: 0;
 }
+
+/* Users index */
+.users {
+  list-style: none;
+  margin: 0;
+  li {
+    overflow: auto;
+    padding: 10px 0;
+    border-bottom: 1px solid $gray-500;
+  }
+}

app/controllers/sessions_controller.rb

@@ -5,10 +5,11 @@ def new
   def create
     user = User.find_by(email: params[:session][:email].downcase)
     if user && user.authenticate(params[:session][:password])
+      forwarding_url = session[:forwarding_url]
       reset_session
       params[:session][:remember_me] == "1" ? remember(user) : forget(user)
       log_in user
-      redirect_to user
+      redirect_to forwarding_url || user
     else
       flash.now[:danger] = "Invalid email/password combination"
       render "new", status: :unprocessable_entity

app/controllers/users_controller.rb

@@ -1,4 +1,8 @@
 class UsersController < ApplicationController
+  before_action :logged_in_user, only: [:index, :edit, :update, :destroy]
+  before_action :correct_user, only: [:edit, :update]
+  before_action :admin_user, only: :destroy
+
   def show
     @user = User.find(params[:id])
   end
@@ -19,10 +23,56 @@ def create
     end
   end
 
+  def edit
+    # @user = User.find(params[:id])
+  end
+
+  def update
+    if @user.update(user_params)
+      flash[:success] = "Profile updated"
+      redirect_to @user
+    else
+      render "edit", status: :unprocessable_entity
+    end
+  end
+
+  def show
+    @user = User.find(params[:id])
+  end
+
+  def index
+    @users = User.paginate(page: params[:page])
+  end
+
+  def destroy
+    User.find(params[:id]).destroy
+    flash[:success] = "User deleted"
+    redirect_to users_url, status: :see_other
+  end
+
   private
 
   def user_params
     params.require(:user).permit(:name, :email, :password,
                                  :password_confirmation)
   end
+
+  def logged_in_user
+    unless logged_in?
+      store_location
+      flash[:danger] = "Please log in."
+      redirect_to login_url, status: :see_other
+    end
+  end
+
+  # Confirms the correct user.
+  def correct_user
+    @user = User.find(params[:id])
+    redirect_to(root_url, status: :see_other) unless current_user?(@user)
+  end
+
+  # Confirms an admin user.
+  def admin_user
+    redirect_to(root_url, status: :see_other) unless current_user.admin?
+  end
 end

app/helpers/sessions_helper.rb

@@ -31,6 +31,11 @@ def current_user
     end
   end
 
+  # Returns true if the given user is the current user.
+  def current_user?(user)
+    user && user == current_user
+  end
+
   # Returns true if the user is logged in, false otherwise.
   def logged_in?
     !current_user.nil?
@@ -49,4 +54,9 @@ def log_out
     reset_session
     @current_user = nil
   end
-end
+
+  # Stores the URL trying to be accessed.
+  def store_location
+    session[:forwarding_url] = request.original_url if request.get?
+  end
+end

app/helpers/users_helper.rb

@@ -1,7 +1,8 @@
 module UsersHelper
   # Returns the Gravatar for the given user.
   # Returns the Gravatar for the given user.
-  def gravatar_for(user, size: 80)
+  def gravatar_for(user, options = { size: 80 })
+    size = options[:size]
     gravatar_id = Digest::MD5::hexdigest(user.email.downcase)
     gravatar_url = "https://secure.gravatar.com/avatar/#{gravatar_id}?s=#{size}"
     image_tag(gravatar_url, alt: user.name, class: "gravatar")

app/models/user.rb

@@ -7,7 +7,7 @@ class User < ApplicationRecord
                     format: { with: VALID_EMAIL_REGEX },
                     uniqueness: true
   has_secure_password
-  validates :password, presence: true, length: { minimum: 6 }
+  validates :password, presence: true, length: { minimum: 6 }, allow_nil: true
   # Returns the hash digest of the given string.
   def User.digest(string)
     cost = ActiveModel::SecurePassword.min_cost ? BCrypt::Engine::MIN_COST :

app/views/layouts/_header.html.erb

@@ -5,8 +5,8 @@
             <button class="navbar-toggler" type="button" data-bs-toggle="collapse" data-bs-target="#navbarNavDropdown" aria-controls="navbarNavDropdown" aria-expanded="false" aria-label="Toggle navigation">
                 <span class="navbar-toggler-icon"></span>
             </button>
+            <span class="visually-hidden">Toggle navigation</span>
             <div class="collapse navbar-collapse" id="navbarNavDropdown">
-
                 <ul class="navbar-nav ms-auto">
                     <li class="nav-item">
                         <%= link_to "Home", root_path, class: "nav-link" %>
@@ -15,15 +15,14 @@
                         <%= link_to "Help", help_path, class: "nav-link" %>
                     </li>
                     <% if logged_in? %>
-                    <li><%= link_to "Users", '#', class: "nav-link" %></li>
+                    <li><%= link_to "Users", users_path, class: "nav-link" %></li>
                     <li class="dropdown nav-link">
-
                         <a href="#" id="account" class="dropdown-toggle" data-bs-toggle="dropdown">
                             Account <b class="caret"></b>
                         </a>
                         <ul id="dropdown-menu" class="dropdown-menu">
                             <li><%= link_to "Profile", current_user %></li>
-                            <li><%= link_to "Settings", '#' %></li>
+                            <li><%= link_to "Settings", edit_user_path(current_user) %></li>
                             <li class="divider"></li>
                             <li>
                                 <%= link_to "Log out", logout_path,

app/views/users/_user.html.erb

@@ -0,0 +1,8 @@
+<li>
+    <%= gravatar_for user, size: 50 %>
+    <%= link_to user.name, user %>
+    <% if current_user.admin? && !current_user?(user) %>
+    | <%= link_to "delete", user, data: { "turbo-method": :delete,
+turbo_confirm: "You sure?" } %>
+    <% end %>
+</li>