From c4fed4bbcc046767b3832f5e933aebbde4593b6d Mon Sep 17 00:00:00 2001 From: Zachary Rabinovich Date: Sat, 15 Sep 2018 10:32:12 -0700 Subject: [PATCH] Add the ability to assign roles in the admin panel closes #7868 --- Changelog.md | 2 + app/controllers/admin/users_controller.rb | 67 +++++++++++++++++++++++ app/models/role.rb | 20 +++++++ app/models/user.rb | 8 +++ app/views/admins/_user_entry.haml | 48 ++++++++++++++++ config/locales/diaspora/en.yml | 18 ++++++ config/routes.rb | 6 ++ 7 files changed, 169 insertions(+) diff --git a/Changelog.md b/Changelog.md index 59eca2dd2..eb225ea43 100644 --- a/Changelog.md +++ b/Changelog.md @@ -6,6 +6,8 @@ ## Features +* Add the ability to assign roles in the admin panel [#7868](https://github.com/diaspora/diaspora/pull/7868) + # 0.7.7.0 ## Refactor diff --git a/app/controllers/admin/users_controller.rb b/app/controllers/admin/users_controller.rb index 376603b51..09ffcbbe6 100644 --- a/app/controllers/admin/users_controller.rb +++ b/app/controllers/admin/users_controller.rb @@ -2,6 +2,7 @@ module Admin class UsersController < AdminController + before_action :validate_user, only: %i(make_admin remove_admin make_moderator remove_moderator make_spotlight remove_spotlight) def close_account u = User.find(params[:id]) @@ -21,5 +22,71 @@ module Admin redirect_to user_search_path, notice: t("admins.user_search.account_unlocking_scheduled", name: u.username) end + def make_admin + unless Role.is_admin? @user.person + Role.add_admin @user.person + notice = "admins.user_search.add_admin" + else + notice = "admins.user_search.role_implemented" + end + redirect_to user_search_path, notice: t(notice, name: @user.username) + end + + def remove_admin + if Role.is_admin? @user.person + Role.remove_admin @user.person + notice = "admins.user_search.delete_admin" + else + notice = "admins.user_search.role_removal_implemented" + end + redirect_to user_search_path, notice: t(notice, name: @user.username) + end + + def make_moderator + unless Role.moderator_only? @user.person + Role.add_moderator @user.person + notice = "admins.user_search.add_moderator" + else + notice = "admins.user_search.role_implemented" + end + redirect_to user_search_path, notice: t(notice, name: @user.username) + end + + def remove_moderator + if Role.moderator_only? @user.person + Role.remove_moderator @user.person + notice = "admins.user_search.delete_moderator" + else + notice = "admins.user_search.role_removal_implemented" + end + redirect_to user_search_path, notice: t(notice, name: @user.username) + end + + def make_spotlight + unless Role.spotlight? @user.person + Role.add_spotlight @user.person + notice = "admins.user_search.add_spotlight" + else + notice = "admins.user_search.role_implemented" + end + redirect_to user_search_path, notice: t(notice, name: @user.username) + end + + def remove_spotlight + if Role.spotlight? @user.person + Role.remove_spotlight @user.person + notice = "admins.user_search.delete_spotlight" + else + notice = "admins.user_search.role_removal_implemented" + end + redirect_to user_search_path, notice: t(notice, name: @user.username) + end + + private + + def validate_user + @user = User.where(id: params[:id]).first + redirect_to user_search_path, notice: t("admins.user_search.does_not_exist") unless @user + end end end diff --git a/app/models/role.rb b/app/models/role.rb index 199381d28..70f201b66 100644 --- a/app/models/role.rb +++ b/app/models/role.rb @@ -19,15 +19,35 @@ class Role < ApplicationRecord find_or_create_by(person_id: person.id, name: "admin") end + def self.remove_admin(person) + find_by(person_id: person.id, name: "admin").destroy + end + def self.moderator?(person) moderators.exists?(person_id: person.id) end + def self.moderator_only?(person) + exists?(person_id: person.id, name: "moderator") + end + def self.add_moderator(person) find_or_create_by(person_id: person.id, name: "moderator") end + def self.remove_moderator(person) + find_by(person_id: person.id, name: "moderator").destroy + end + + def self.spotlight?(person) + exists?(person_id: person.id, name: "spotlight") + end + def self.add_spotlight(person) find_or_create_by(person_id: person.id, name: "spotlight") end + + def self.remove_spotlight(person) + find_by(person_id: person.id, name: "spotlight").destroy + end end diff --git a/app/models/user.rb b/app/models/user.rb index e6fa252be..069b0ac77 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -466,6 +466,14 @@ class User < ApplicationRecord Role.moderator?(person) end + def moderator_only? + Role.moderator_only?(person) + end + + def spotlight? + Role.spotlight?(person) + end + def podmin_account? username == AppConfig.admins.account end diff --git a/app/views/admins/_user_entry.haml b/app/views/admins/_user_entry.haml index 3ab517836..bfd9576f3 100644 --- a/app/views/admins/_user_entry.haml +++ b/app/views/admins/_user_entry.haml @@ -42,6 +42,24 @@ %span.label.label-warning= t(".yes") - else %span.label.label-success= t(".no") + %dt= t(".admin") + %dd + - if user.admin? + %span.label.label-success= t(".yes") + - else + %span.label.label-warning= t(".no") + %dt= t(".moderator") + %dd + - if user.moderator_only? + %span.label.label-success= t(".yes") + - else + %span.label.label-warning= t(".no") + %dt= t(".spotlight") + %dd + - if user.spotlight? + %span.label.label-success= t(".yes") + - else + %span.label.label-warning= t(".no") %h4= t("layouts.header.profile") @@ -79,3 +97,33 @@ method: :post, data: {confirm: t("admins.user_search.are_you_sure_lock_account")}, class: "btn btn-danger btn-block" + - if Role.is_admin?(user.person) + = link_to t("admins.user_search.remove_admin"), + admin_remove_admin_path(user), + method: :post, + class: "btn btn-danger btn-block" + - else + = link_to t("admins.user_search.make_admin"), + admin_make_admin_path(user), + method: :post, + class: "btn btn-info btn-block" + - if Role.moderator_only?(user.person) + = link_to t("admins.user_search.remove_moderator"), + admin_remove_moderator_path(user), + method: :post, + class: "btn btn-danger btn-block" + - else + = link_to t("admins.user_search.make_moderator"), + admin_make_moderator_path(user), + method: :post, + class: "btn btn-info btn-block" + - if Role.spotlight?(user.person) + = link_to t("admins.user_search.remove_spotlight"), + admin_remove_spotlight_path(user), + method: :post, + class: "btn btn-danger btn-block" + - else + = link_to t("admins.user_search.make_spotlight"), + admin_make_spotlight_path(user), + method: :post, + class: "btn btn-info btn-block" diff --git a/config/locales/diaspora/en.yml b/config/locales/diaspora/en.yml index c4b031bc3..bae387b94 100644 --- a/config/locales/diaspora/en.yml +++ b/config/locales/diaspora/en.yml @@ -117,6 +117,21 @@ en: account_closing_scheduled: "The account of %{name} is scheduled to be closed. It will be processed in a few moments..." account_locking_scheduled: "The account of %{name} is scheduled to be locked. It will be processed in a few moments..." account_unlocking_scheduled: "The account of %{name} is scheduled to be unlocked. It will be processed in a few moments..." + make_admin: "Make admin" + remove_admin: "Remove as admin" + make_moderator: "Make moderator" + remove_moderator: "Remove as moderator" + make_spotlight: "Add to community spotlight" + remove_spotlight: "Remove from community spotlight" + add_admin: "%{name} has been made an admin." + delete_admin: "%{name} has been removed from the list of admins." + add_moderator: "%{name} has been made a moderator." + delete_moderator: "%{name} has been removed from the list of moderators." + add_spotlight: "%{name} has been added to community spotlight." + delete_spotlight: "%{name} has been removed from community spotlight." + does_not_exist: "User does not exist!" + role_implemented: "%{name} has already been given this role!" + role_removal_implemented: "%{name} has already been removed from this role!" email_to: "Email to invite" invite: "Invite" under_13: "Show users that are under 13 (COPPA)" @@ -132,6 +147,9 @@ en: last_seen: "Last seen" account_closed: "Account closed" nsfw: "#nsfw" + admin: "Admin" + moderator: "Moderator" + spotlight: "Spotlight" unknown: "Unknown" invite_token: "Invite token" 'yes': "Yes" diff --git a/config/routes.rb b/config/routes.rb index f7ad53bec..873299b9a 100644 --- a/config/routes.rb +++ b/config/routes.rb @@ -149,6 +149,12 @@ Rails.application.routes.draw do post 'users/:id/close_account' => 'users#close_account', :as => 'close_account' post 'users/:id/lock_account' => 'users#lock_account', :as => 'lock_account' post 'users/:id/unlock_account' => 'users#unlock_account', :as => 'unlock_account' + post 'users/:id/make_admin' => 'users#make_admin', :as => 'make_admin' + post 'users/:id/remove_admin' => 'users#remove_admin', :as => 'remove_admin' + post 'users/:id/make_moderator' => 'users#make_moderator', :as => 'make_moderator' + post 'users/:id/remove_moderator' => 'users#remove_moderator', :as => 'remove_moderator' + post 'users/:id/make_spotlight' => 'users#make_spotlight', :as => 'make_spotlight' + post 'users/:id/remove_spotlight' => 'users#remove_spotlight', :as => 'remove_spotlight' end resource :profile, :only => [:edit, :update]