Section 7.4.9: Add feature for deleting users, including protection against self-deletion

Author: Ryan Bigg

ticketee/app/controllers/admin/users_controller.rb

@@ -40,6 +40,17 @@ def update
     end
   end
 
+  def destroy
+    if @user == current_user
+      flash[:alert] = "You cannot delete yourself!"
+    else
+      @user.destroy
+      flash[:notice] = "User has been deleted."
+    end
+
+    redirect_to admin_users_path
+  end
+
   private
 
     def set_user

ticketee/app/views/admin/users/show.html.erb

@@ -1,3 +1,6 @@
 <h2><%= @user %></h2>
 
-<%= link_to "Edit User", edit_admin_user_path(@user) %>
+<%= link_to "Edit User", edit_admin_user_path(@user), class: "edit" %>
+<%= link_to "Delete User", admin_user_path(@user), method: :delete,
+  data: { confirm: "Are you sure you want to delete this user?"},
+  class: "delete" %>

ticketee/spec/features/admin/deleting_users_spec.rb

@@ -0,0 +1,28 @@
+require "rails_helper"
+
+feature "Deleting users" do
+  let!(:admin_user) { FactoryGirl.create(:admin_user) }
+  let!(:user) { FactoryGirl.create(:user) }
+
+  before do
+    login_as(admin_user)
+    visit "/"
+
+    click_link "Admin"
+    click_link "Users"
+  end
+
+  scenario "Deleting a user" do
+    click_link user.email
+    click_link "Delete User"
+
+    expect(page).to have_content("User has been deleted")
+  end
+
+  scenario "Users cannot delete themselves" do
+    click_link admin_user.email
+    click_link "Delete User"
+
+    expect(page).to have_content("You cannot delete yourself!")
+  end
+end