Administrate

Gemfile

@@ -5,8 +5,10 @@ ruby '3.1.3'
 
 gem 'rails', '~> 7.0.6'
 
+gem 'activeadmin'
 gem 'bootsnap', require: false
 gem 'bootstrap', '~> 5.2'
+gem 'cancancan'
 gem 'capybara', group: [:test]
 gem 'debug', platforms: %i[ mri mingw x64_mingw ], group: [:development, :test]
 gem 'devise', '~> 4.9'

Gemfile.lock

@@ -54,6 +54,15 @@ GEM
       erubi (~> 1.4)
       rails-dom-testing (~> 2.0)
       rails-html-sanitizer (~> 1.1, >= 1.2.0)
+    activeadmin (3.2.0)
+      arbre (~> 1.2, >= 1.2.1)
+      formtastic (>= 3.1)
+      formtastic_i18n (>= 0.4)
+      inherited_resources (~> 1.7)
+      jquery-rails (>= 4.2)
+      kaminari (>= 1.2.1)
+      railties (>= 6.1)
+      ransack (>= 4.0)
     activejob (7.0.6)
       activesupport (= 7.0.6)
       globalid (>= 0.3.6)
@@ -76,6 +85,9 @@ GEM
       tzinfo (~> 2.0)
     addressable (2.8.4)
       public_suffix (>= 2.0.2, < 6.0)
+    arbre (1.7.0)
+      activesupport (>= 3.0.0)
+      ruby2_keywords (>= 0.0.2)
     autoprefixer-rails (10.4.13.0)
       execjs (~> 2)
     bcrypt (3.1.19)
@@ -87,6 +99,7 @@ GEM
       popper_js (>= 2.11.6, < 3)
       sassc-rails (>= 2.0.0)
     builder (3.2.4)
+    cancancan (3.5.0)
     capybara (3.39.2)
       addressable
       matrix
@@ -111,19 +124,46 @@ GEM
     erubi (1.12.0)
     execjs (2.8.1)
     ffi (1.15.5)
+    formtastic (5.0.0)
+      actionpack (>= 6.0.0)
+    formtastic_i18n (0.7.0)
     globalid (1.1.0)
       activesupport (>= 5.0)
+    has_scope (0.8.2)
+      actionpack (>= 5.2)
+      activesupport (>= 5.2)
     i18n (1.14.1)
       concurrent-ruby (~> 1.0)
     importmap-rails (1.2.1)
       actionpack (>= 6.0.0)
       railties (>= 6.0.0)
+    inherited_resources (1.14.0)
+      actionpack (>= 6.0)
+      has_scope (>= 0.6)
+      railties (>= 6.0)
+      responders (>= 2)
     io-console (0.6.0)
     irb (1.7.4)
       reline (>= 0.3.6)
     jbuilder (2.11.5)
       actionview (>= 5.0.0)
       activesupport (>= 5.0.0)
+    jquery-rails (4.6.0)
+      rails-dom-testing (>= 1, < 3)
+      railties (>= 4.2.0)
+      thor (>= 0.14, < 2.0)
+    kaminari (1.2.2)
+      activesupport (>= 4.1.0)
+      kaminari-actionview (= 1.2.2)
+      kaminari-activerecord (= 1.2.2)
+      kaminari-core (= 1.2.2)
+    kaminari-actionview (1.2.2)
+      actionview
+      kaminari-core (= 1.2.2)
+    kaminari-activerecord (1.2.2)
+      activerecord
+      kaminari-core (= 1.2.2)
+    kaminari-core (1.2.2)
     loofah (2.21.3)
       crass (~> 1.0.2)
       nokogiri (>= 1.12.0)
@@ -160,6 +200,8 @@ GEM
       nio4r (~> 2.0)
     racc (1.7.1)
     rack (2.2.7)
+    rack-mini-profiler (3.3.1)
+      rack (>= 1.2.0)
     rack-test (2.1.0)
       rack (>= 1.3)
     rails (7.0.6)
@@ -191,13 +233,18 @@ GEM
       thor (~> 1.0)
       zeitwerk (~> 2.5)
     rake (13.0.6)
+    ransack (4.1.1)
+      activerecord (>= 6.1.5)
+      activesupport (>= 6.1.5)
+      i18n
     regexp_parser (2.8.1)
     reline (0.3.7)
       io-console (~> 0.5)
     responders (3.1.0)
       actionpack (>= 5.2)
       railties (>= 5.2)
     rexml (3.2.6)
+    ruby2_keywords (0.0.5)
     rubyzip (2.3.2)
     sassc (2.4.0)
       ffi (~> 1.9)
@@ -253,8 +300,10 @@ PLATFORMS
   arm64-darwin-22
 
 DEPENDENCIES
+  activeadmin
   bootsnap
   bootstrap (~> 5.2)
+  cancancan
   capybara
   debug
   devise (~> 4.9)
@@ -263,6 +312,7 @@ DEPENDENCIES
   jbuilder
   pg (~> 1.1)
   puma (~> 5.0)
+  rack-mini-profiler
   rails (~> 7.0.6)
   selenium-webdriver
   sprockets-rails

app/admin/dashboard.rb

@@ -0,0 +1,33 @@
+# frozen_string_literal: true
+ActiveAdmin.register_page "Dashboard" do
+  menu priority: 1, label: proc { I18n.t("active_admin.dashboard") }
+
+  content title: proc { I18n.t("active_admin.dashboard") } do
+    div class: "blank_slate_container", id: "dashboard_default_message" do
+      span class: "blank_slate" do
+        span I18n.t("active_admin.dashboard_welcome.welcome")
+        small I18n.t("active_admin.dashboard_welcome.call_to_action")
+      end
+    end
+
+    # Here is an example of a simple dashboard with columns and panels.
+    #
+    # columns do
+    #   column do
+    #     panel "Recent Posts" do
+    #       ul do
+    #         Post.recent(5).map do |post|
+    #           li link_to(post.title, admin_post_path(post))
+    #         end
+    #       end
+    #     end
+    #   end
+
+    #   column do
+    #     panel "Info" do
+    #       para "Welcome to ActiveAdmin."
+    #     end
+    #   end
+    # end
+  end # content
+end

app/admin/users.rb

@@ -0,0 +1,28 @@
+ActiveAdmin.register User do
+  permit_params :email, :password, :password_confirmation
+
+  index do
+    selectable_column
+    id_column
+    column :email
+    column :current_sign_in_at
+    column :sign_in_count
+    column :created_at
+    actions
+  end
+
+  filter :email
+  filter :current_sign_in_at
+  filter :sign_in_count
+  filter :created_at
+
+  form do |f|
+    f.inputs do
+      f.input :email
+      f.input :password
+      f.input :password_confirmation
+    end
+    f.actions
+  end
+
+end

app/assets/javascripts/active_admin.js

@@ -0,0 +1 @@
+//= require active_admin/base

app/assets/stylesheets/active_admin.scss

@@ -0,0 +1,17 @@
+// Sass variable overrides must be declared before loading up Active Admin's styles.
+//
+// To view the variables that Active Admin provides, take a look at
+// `app/assets/stylesheets/active_admin/mixins/_variables.scss` in the
+// Active Admin source.
+//
+// For example, to change the sidebar width:
+// $sidebar-width: 242px;
+
+// Active Admin's got SASS!
+@import "active_admin/mixins";
+@import "active_admin/base";
+
+// Overriding any non-variable Sass must be done after the fact.
+// For example, to change the default status-tag color:
+//
+//   .status_tag { background: #6090DB; }

app/controllers/goals_controller.rb

@@ -1,8 +1,7 @@
 class GoalsController < ApplicationController
   before_action :authenticate_user!
   before_action :set_user
-  before_action :authorize_user
-  before_action :set_goal, only: [:show, :edit, :update, :destroy]
+  load_and_authorize_resource
 
   def index
     @goals = @user.goals
@@ -49,18 +48,7 @@ def set_user
     @user = User.find(params[:user_id])
   end
 
-  def set_goal
-    @goal = @user.goals.find(params[:id])
-  end
-
   def goal_params
     params.require(:goal).permit(:title, :description, :due_date)
   end
-
-  def authorize_user
-    unless @user == current_user || current_user.admin?
-      flash[:alert] = "You are not ßauthorized to access this goal."
-      redirect_to root_path
-    end
-  end
 end

app/controllers/salary_histories_controller.rb

@@ -1,12 +1,10 @@
 class SalaryHistoriesController < ApplicationController
   before_action :authenticate_user!
   before_action :set_user
-  before_action :authorize_user
-  before_action :set_salary_history, only: [:show, :edit, :update, :destroy]
   before_action :authorize_admin, only: [:index, :new, :create, :edit, :update, :destroy]
+  load_and_authorize_resource
 
   def index
-    @salary_histories = @user.salary_histories.order(change_date: :desc)
   end
 
   def show
@@ -33,22 +31,10 @@ def create
   end
 
   def edit
-    unless current_user.admin?
-      flash[:alert] = "Only administrators can edit salary histories."
-      redirect_to root_path
-      return
-    end
-
     @salary_history = @user.salary_histories.find(params[:id])
   end
 
   def update
-    unless current_user.admin?
-      flash[:alert] = "Only administrators can update salary histories."
-      redirect_to root_path
-      return
-    end
-
     if @salary_history.update(salary_history_params)
       if @salary_history.current_salary
         # Update user's other salary histories to set current_salary to false
@@ -68,29 +54,18 @@ def destroy
 
   private
 
-  def set_user
-    @user = User.find(params[:user_id])
+  def authorize_admin
+    unless current_user.admin?
+      flash[:alert] = "Only administrators can access this page."
+      redirect_to root_path
+    end
   end
 
-  def set_salary_history
-    @salary_history = @user.salary_histories.find(params[:id])
+  def set_user
+    @user = User.find(params[:user_id])
   end
 
   def salary_history_params
     params.require(:salary_history).permit(:job_title, :salary, :change_date, :change_reason, :current_salary, :user_id)
   end
-
-  def authorize_user
-    unless @user == current_user || current_user.admin?
-      flash[:alert] = "You are not authorized to access this Salary History."
-      redirect_to root_path
-    end
-  end
-
-  def authorize_admin
-    unless current_user.admin?
-      flash[:alert] = "Only administrators can access this page."
-      redirect_to root_path
-    end
-  end
 end

app/controllers/users_controller.rb

@@ -1,19 +1,13 @@
 class UsersController < ApplicationController
+  load_and_authorize_resource
 
   def show
-    @user = User.find(params[:id])
-    if @user == current_user || current_user.admin?
-    else
-      redirect_to root_url, alert: 'Access denied.'
-    end
   end
 
   def edit
-    @user = User.find(params[:id])
   end
 
   def update
-    @user = User.find(params[:id])
     if @user.update(user_params)
       redirect_to @user, notice: 'Profile was successfully updated.'
     else

app/models/ability.rb

@@ -0,0 +1,38 @@
+# frozen_string_literal: true
+
+class Ability
+  include CanCan::Ability
+
+  def initialize(user)
+    # Define abilities for the user here. For example:
+    #
+    return unless user.present?
+
+    if user.admin?
+      can :manage, :all
+      return
+    end
+
+    can :manage, Goal, user: user
+    can :read, SalaryHistory, user: user
+    can :manage, User, user: user
+    #
+    # The first argument to `can` is the action you are giving the user
+    # permission to do.
+    # If you pass :manage it will apply to every action. Other common actions
+    # here are :read, :create, :update and :destroy.
+    #
+    # The second argument is the resource the user can perform the action on.
+    # If you pass :all it will apply to every resource. Otherwise pass a Ruby
+    # class of the resource.
+    #
+    # The third argument is an optional hash of conditions to further filter the
+    # objects.
+    # For example, here the user can only update published articles.
+    #
+    #   can :update, Article, published: true
+    #
+    # See the wiki for details:
+    # https://github.com/CanCanCommunity/cancancan/blob/develop/docs/define_check_abilities.md
+  end
+end