User mgmt (moderators), to allow for password changes

3 years ago · 129bf02113
4 changed files with 14 additions and 10 deletions
--- a/app/admin/dashboard.rb
+++ b/app/admin/dashboard.rb
@ -4,11 +4,10 @@ ActiveAdmin.register_page 'Dashboard' do
  content title: proc { I18n.t('active_admin.dashboard') } do
    columns do
      column do
-        panel 'Moderateurs' do
+        panel link_to 'Moderateurs', :admin_users do
          ul do
            User.all.map do |user|
-              li link_to("#{user.firstname} #{user.lastname} (#{user.login})",
-                         user)
+              li "#{user.firstname} #{user.lastname} (#{user.login})"
            end
          end
        end
--- a/app/assets/stylesheets/maps.sass
+++ b/app/assets/stylesheets/maps.sass
@ -18,12 +18,6 @@
      display: inline-block !important
      position: relative !important

-.tags #map
-  width: 40%
-  height: 60em
-  margin: 1.6em 2%
-  display: inline-block
-
 // Left align the map controls placed in the top right corner
 section.leaflet-control-layers-list label
  .awesome-marker
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@ -2,6 +2,8 @@
 class ApplicationController < ActionController::Base
  before_action :set_paper_trail_whodunnit, :set_locale, :discard
  before_action :set_mailer_host, if: :devise_controller?
+  before_action :configure_permitted_parameters, if: :devise_controller?
+
  # Prevent CSRF attacks by raising an exception.
  # For APIs, you may want to use :null_session instead.
  protect_from_forgery prepend: true, with: :exception
@ -34,4 +36,9 @@ class ApplicationController < ActionController::Base
  def handle_xhr_layout
    request.xhr? ? false : 'application'
  end
+
+  def configure_permitted_parameters
+    update_attrs = %i[password password_confirmation current_password]
+    devise_parameter_sanitizer.permit :account_update, keys: update_attrs
+  end
 end
--- a/config/routes.rb
+++ b/config/routes.rb
@ -41,7 +41,11 @@ Rails.application.routes.draw do
  get '(:format).php',
      to: redirect { |_, r| "events.#{r.format.to_sym}?#{r.query_string}" }

-  devise_for :users
+  devise_for :users, skip: [:registrations]
+  as :user do
+    get 'users/edit' => 'devise/registrations#edit', as: 'edit_user_registration'
+    put 'users' => 'devise/registrations#update', as: 'user_registration'
+  end
  devise_for :admin_users, ActiveAdmin::Devise.config
  ActiveAdmin.routes(self)