Merge pull request #6 from openjournals/editing

xuanxu · web-flow · commit 2ca9871bc8f5 · 2023-05-26T13:48:27.000+02:00
Admin: editing user data
diff --git a/app/assets/stylesheets/application.tailwind.css b/app/assets/stylesheets/application.tailwind.css
@@ -46,10 +46,13 @@
   }
 
   .btn-primary {
-    @apply py-2 px-4 bg-indigo-600 hover:bg-indigo-700 focus:bg-indigo-500 text-white font-semibold rounded-md shadow focus:outline-none cursor-pointer;
+    @apply py-2 px-4 bg-indigo-600 hover:bg-indigo-700 focus:bg-indigo-500 text-white font-semibold rounded-md shadow focus:outline-none cursor-pointer whitespace-nowrap;
+  }
+  .btn-action {
+    @apply py-2 px-4 bg-amber-500 hover:bg-amber-700 focus:bg-amber-600 text-white font-semibold rounded-md shadow focus:outline-none cursor-pointer whitespace-nowrap;
   }
   .btn-danger {
-    @apply py-2 px-4 bg-red-600 hover:bg-red-700 focus:bg-red-500 text-white font-semibold rounded-md shadow focus:outline-none cursor-pointer;
+    @apply py-2 px-4 bg-red-600 hover:bg-red-700 focus:bg-red-500 text-white font-semibold rounded-md shadow focus:outline-none cursor-pointer whitespace-nowrap;
   }
 
   .alert-error {
diff --git a/app/controllers/feedbacks_controller.rb b/app/controllers/feedbacks_controller.rb
@@ -1,5 +1,6 @@
 class FeedbacksController < ApplicationController
-  before_action :require_editor
+  before_action :require_editor, except: :admin_destroy
+  before_action :require_admin, only: :admin_destroy
 
   def create
     @feedback = current_editor.given_feedbacks.build(feedback_params)
@@ -20,6 +21,12 @@ def destroy
     redirect_to reviewer_path(reviewer_id), notice: "Feedback deleted"
   end
 
+  def admin_destroy
+    feedback = Feedback.find(params[:id])
+    reviewer_id = feedback.user_id
+    feedback.destroy
+    redirect_to user_path(reviewer_id), notice: "Feedback deleted"
+  end
 
   private
 
diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb
@@ -1,13 +1,24 @@
 class UsersController < ApplicationController
   before_action :require_admin
-  before_action :load_user, only: [:update, :destroy]
+  before_action :load_user, only: [:edit, :update, :status, :destroy]
 
   def show
     @user = User.includes(:languages, :areas).find(params[:id])
     @feedbacks = @user.feedbacks.includes(:editor).page(params[:page])
   end
 
+  def edit
+  end
+
   def update
+    if @user.update(user_update_params)
+      redirect_to user_path(@user), notice: "User data updated!"
+    else
+      render action: :edit, status: :unprocessable_entity
+    end
+  end
+
+  def status
     @user.update(user_status_params)
     redirect_to user_path(@user), notice: "User status updated!"
   end
@@ -26,4 +37,8 @@ def load_user
   def user_status_params
     params.permit(:reviewer, :editor, :admin)
   end
+
+  def user_update_params
+    params.require(:user).permit(:github, :complete_name, :citation_name, :email, :affiliation, { area_ids: [], language_ids: [] }, :domains, :url, :description)
+  end
 end
diff --git a/app/views/users/edit.html.erb b/app/views/users/edit.html.erb
@@ -0,0 +1,116 @@
+<div class="justify-content-lg-center px-9">
+  <h1><%= @user.screen_name %></h1>
+  <%= form_for(@user, url: user_path(@user)) do |f| %>
+    <% if @user.errors.any? {|error| error.attribute == :github && error.message == "has already been taken" } %>
+      <div id="error_explanation" class="alert-error">
+        <p>The reviewer with the GitHub username <strong><%= @user.github %></strong> is already registered in the system.</p>
+        If it does not appear in the <%= link_to "reviewers search", search_reviewers_path(name: @user.github), class: "underline cursor-pointer" %> they have probably mark themselves as not available for review at the moment.
+      </div>
+    <% elsif @user.errors.any? %>
+      <div id="error_explanation" class="alert-error">
+        <h3><%= pluralize(@user.errors.count, "error") %>, prohibited to create the reviewer:</h3>
+        <ul>
+          <% @user.errors.each do |error| %>
+            <li><strong><%= error.attribute.to_s.humanize %></strong>: <%= error.message %></li>
+          <% end %>
+        </ul>
+      </div>
+    <% end %>
+
+    <div class="grid sm:grid-cols-2 gap-y-5 gap-x-16">
+      <div>
+        <div class="block mb-5">
+          <%= f.label :github, "GitHub username <small><sup>*(mandatory)</sup></small>".html_safe %>
+          <%= f.text_field :github, class: "form-input mt-1 block w-full" %>
+        </div>
+
+        <div class="block mb-5">
+          <%= f.label :complete_name %>
+          <%= f.text_field :complete_name, class: "form-input mt-1 block w-full", placeholder: "e.g. Ada Lovelace" %>
+        </div>
+
+        <div class="block mb-5">
+          <%= f.label :citation_name %>
+          <%= f.text_field :citation_name, class: "form-input mt-1 block w-full", placeholder: "e.g. Lovelace, A." %>
+        </div>
+
+        <div class="block mb-5">
+          <%= f.label :email %>
+          <%= f.text_field :email, class: "form-input mt-1 block w-full" %>
+        </div>
+
+        <div class="block mb-5">
+          <%= f.label :affiliation %>
+          <%= f.text_field :affiliation, class: "form-input mt-1 block w-full" %>
+        </div>
+
+        <div class="block mb-5">
+          <%= f.label :url, "URL" %>
+          <%= f.text_field :url, class: "form-input mt-1 block w-full" %>
+        </div>
+
+        <div class="block mb-5">
+          <%= f.label :description, "Public description" %>
+          <%= f.text_area :description, rows: 4, class: "form-textarea mt-1 block w-full" %>
+        </div>
+
+      </div>
+
+      <div>
+        <% if Area.count > 10 %>
+          <div class="block mb-5" data-controller="autocomplete" data-autocomplete-url-value="<%= search_areas_path %>">
+            <%= label_tag :area_search, "Area(s) of expertise" %>
+            <%= text_field_tag :area_search, nil, class: "form-input mt-1 block w-full", data: {"autocomplete-target" => "input"}, placeholder: "Please choose at least one" %>
+            <ul class="areas-options" data-autocomplete-target="results"></ul>
+          </div>
+
+          <div class="block mb-5" data-controller="area-tags">
+            <div id="area_tags">
+              <% @user.areas.each do |area| %>
+                <span id="area_tag_<%= area.id %>" class="tag">
+                  <span aria-hidden="true" class="close-tag" aria-label="Remove area" data-area-tags-area-param="<%= area.id %>" data-action="click->area-tags#removeTag">&times;</span>
+                  <%= area.name %>
+                </span>
+              <% end %>
+            </div>
+            <div id="user_area_hidden_fields">
+              <%= hidden_field_tag "user[area_ids][]", "", {id: "user_area_ids_empty"} %>
+            <% @user.area_ids.each do |id| %>
+              <%= hidden_field_tag "user[area_ids][]", id, {id: "user_area_ids_#{id}"} %>
+            <% end %>
+            </div>
+          </div>
+        <% else %>
+          <div class="block mb-5">
+            <%= f.label :area_ids, "Area(s) of expertise" %>
+            <div class="form-input w-full grid grid-cols-1">
+              <%= f.collection_check_boxes(:area_ids, Area.all, :id, :name)  do |b|
+                    b.label(class: " mt-1 block") { b.check_box(class: "form-checkbox mx-2") + "#{b.text}" }
+                  end %>
+            </div>
+          </div>
+        <% end %>
+
+        <div class="block mb-5">
+          <%= f.label :domains, "Domains/topic areas of the reviewer" %>
+          <%= f.text_field :domains, class: "form-input mt-1 block w-full", placeholder: "e.g. Mathematics, numerical analysis, statistics, exoplanets" %>
+        </div>
+
+        <div class="block mb-5">
+          <%= f.label :language_ids, "Programming language(s) for the reviewer" %>
+          <div class="form-input w-full grid sm:grid-cols-3">
+            <%= f.collection_check_boxes(:language_ids, Language.all, :id, :name)  do |b|
+                  b.label(class: " mt-1 block") { b.check_box(class: "form-checkbox mx-2") + "#{b.text}" }
+                end %>
+          </div>
+        </div>
+      </div>
+
+    </div>
+
+    <div class="block mb-5">
+      <%= f.submit "Update user profile", class: "btn-primary" %>
+      <%= link_to "Cancel", user_path(@user), class: "btn-action" %>
+    </div>
+  <% end %>
+</div>
diff --git a/app/views/users/show.html.erb b/app/views/users/show.html.erb
@@ -22,26 +22,27 @@
 
   <div class="block mb-5 w-full">
     <% if @user.reviewer? %>
-      <%= link_to "⏬ Remove reviewer status", user_path(@user, reviewer: false), data: { turbo_method: :put }, class: "btn-primary mb-1" %>
+      <%= link_to "⏬ Remove reviewer status", status_user_path(@user, reviewer: false), data: { turbo_method: :put }, class: "btn-primary mb-1" %>
     <% else %>
-      <%= link_to "⏫ Grant reviewer status", user_path(@user, reviewer: true), data: { turbo_method: :put }, class: "btn-primary mb-1" %>
+      <%= link_to "⏫ Grant reviewer status", status_user_path(@user, reviewer: true), data: { turbo_method: :put }, class: "btn-primary mb-1" %>
     <% end %>
 
     <% if @user.editor? %>
-      <%= link_to "⏬ Remove editor status", user_path(@user, editor: false), data: { turbo_method: :put }, class: "btn-primary mb-1" %>
+      <%= link_to "⏬ Remove editor status", status_user_path(@user, editor: false), data: { turbo_method: :put }, class: "btn-primary mb-1" %>
     <% else %>
-      <%= link_to "⏫ Grant editor status", user_path(@user, editor: true), data: { turbo_method: :put }, class: "btn-primary mb-1" %>
+      <%= link_to "⏫ Grant editor status", status_user_path(@user, editor: true), data: { turbo_method: :put }, class: "btn-primary mb-1" %>
     <% end %>
 
     <% if @user != current_admin %>
       <% if @user.admin? %>
-        <%= link_to "⏬ Remove admin status", user_path(@user, admin: false), data: { turbo_method: :put }, class: "btn-primary mb-1" %>
+        <%= link_to "⏬ Remove admin status", status_user_path(@user, admin: false), data: { turbo_method: :put }, class: "btn-primary mb-1" %>
       <% else %>
-        <%= link_to "⏫ Grant admin status", user_path(@user, admin: true), data: { turbo_method: :put }, class: "btn-primary mb-1" %>
+        <%= link_to "⏫ Grant admin status", status_user_path(@user, admin: true), data: { turbo_method: :put }, class: "btn-primary mb-1" %>
       <% end %>
     <% end %>
 
     <% if @user != current_admin %>
+      <%= link_to "🔠 Edit", edit_user_path(@user), class: "btn-action mb-1" %>
       <%= link_to "🚮 Delete user", user_path(@user), data: { turbo_method: :delete, turbo_confirm: "Are you sure you want to delete this user?" }, class: "btn-danger mb-1" %>
     <% end %>
 
@@ -135,6 +136,7 @@
         <td class="max-w-fit text-center">
           by: <%= github_link(feedback.editor&.github) %>
           <%= " | ".html_safe + link_to("Reference", feedback.link, target: "_blank", title: "Go to review") if feedback.link.present? %>
+          <%= " | ".html_safe + link_to("Delete", admin_destroy_feedback_path(feedback), data: { turbo_method: :delete, turbo_confirm: "Are you sure you want to delete this feedback?" })  %>
         </td>
       </tr>
     <% end %>
diff --git a/config/routes.rb b/config/routes.rb
@@ -23,7 +23,9 @@
     get :find_users, on: :collection
   end
 
-  resources :users, only: [:show, :update, :destroy]
+  resources :users, only: [:show, :edit, :update, :destroy] do
+    put :status, on: :member
+  end
 
   resources :reviewers, only: [:show, :index, :new, :create] do
     get :search, on: :collection
@@ -33,7 +35,9 @@
     get :search, on: :collection
   end
 
-  resources :feedbacks, only: [:create, :destroy]
+  resources :feedbacks, only: [:create, :destroy] do
+    delete :admin_destroy, on: :member
+  end
 
   get '/join', to: 'home#reviewer_signup', as: :reviewer_signup
   get '/lookup', to: 'home#no_reviewer_signup', as: :no_reviewer_signup
diff --git a/spec/system/admin_dashboard_spec.rb b/spec/system/admin_dashboard_spec.rb
@@ -6,6 +6,7 @@
   end
 
   scenario "Is only available to admins" do
+    user = create(:user)
     visit root_path
     expect(page).to_not have_content("Manage users")
     expect {
@@ -18,19 +19,27 @@
     expect {
       visit admin_path
     }.to raise_exception(ActionController::RoutingError, "Not Found")
+    expect {
+      visit edit_user_path(user)
+    }.to raise_exception(ActionController::RoutingError, "Not Found")
 
     login_as create(:editor)
     visit root_path
     expect(page).to_not have_content("Manage users")
     expect {
       visit admin_path
     }.to raise_exception(ActionController::RoutingError, "Not Found")
+    expect {
+      visit edit_user_path(user)
+    }.to raise_exception(ActionController::RoutingError, "Not Found")
 
     login_as create(:admin)
     visit root_path
     expect(page).to have_content("Manage users")
     click_link("Manage users")
     expect(page).to have_current_path(admin_path)
+    visit edit_user_path(user)
+    expect(page).to have_current_path(edit_user_path(user))
   end
 
   describe "Search users" do
@@ -115,11 +124,11 @@
 
   describe "Edit user" do
     before do
-      user = create(:user, complete_name: "Tester McTest", github: "test33")
+      @user = create(:user, complete_name: "Tester McTest", github: "test33")
       login_as create(:admin)
       visit admin_path
       click_link "Tester McTest"
-      expect(page).to have_current_path(user_path(user))
+      expect(page).to have_current_path(user_path(@user))
     end
 
     scenario "show user roles" do
@@ -212,6 +221,69 @@
       expect(page).to have_link("Grant editor status")
       expect(page).to have_link("Grant admin status")
     end
+
+    scenario "update profile data" do
+      expect(page).to have_content("Tester McTest")
+      expect(page).to have_content("GitHub: test33")
+      create(:language, name: "Julia")
+      create(:language, name: "Python")
+      create(:area, name: "Astronomy")
+      create(:area, name: "Plant Science")
+
+      click_link "Edit"
+      expect(page).to have_current_path(edit_user_path(@user))
+      expect(page).to have_content("Tester McTest")
+
+      fill_in "user_github", with: "NewHandle"
+      fill_in "user_complete_name", with: "Tester Reviewer"
+      fill_in "user_citation_name", with: "Reviewer., T."
+      fill_in "user_email", with: "tester@teste.rs"
+      fill_in "user_affiliation", with: "Reviewing University"
+      fill_in "user_url", with: "http://testing.revs/reviewer33"
+      fill_in "user_description", with: "Head of plant division"
+      check("Plant Science")
+      fill_in "user_domains", with: "Trees, Forests"
+      check("Julia")
+      expect {
+        click_button "Update user profile"
+      }.to_not change { User.count }
+
+      expect(page).to have_content("User data updated!")
+
+      visit user_path(@user)
+      expect(page).to_not have_content("Tester McTest")
+      expect(page).to_not have_content("GitHub: test33")
+
+      expect(page).to have_content("GitHub: NewHandle")
+      expect(page).to have_content("Name: Tester Reviewer")
+      expect(page).to have_content("Citation name: Reviewer., T.")
+      expect(page).to have_content("Email: tester@teste.rs")
+      expect(page).to have_content("Affiliation:\nReviewing University")
+      expect(page).to have_content("URL:\nhttp://testing.revs/reviewer33")
+      expect(page).to have_content("Description:\nHead of plant division")
+      expect(page).to have_content("Area(s) of expertise:\nPlant Science")
+      expect(page).to have_content("Domains:\nTrees, Forests")
+      expect(page).to have_content("Programming languages:\nJulia")
+    end
+
+    scenario "delete feedback" do
+      editor = create(:editor)
+      feedback = create(:feedback, user: @user, editor: editor, rating: "positive", comment: "A very nice comment")
+
+      visit user_path(@user)
+
+      within("#feedback-#{feedback.id}") do
+        expect(page).to have_content("A very nice comment")
+        expect(page).to have_content("Delete")
+        click_link "Delete"
+      end
+
+      expect(page).to have_content("Feedback deleted")
+      expect(page).to_not have_content("A very nice comment")
+
+      visit user_path(@user)
+      expect(page).to have_content("There's no feedback for this reviewer yet.")
+    end
   end
 
   describe "Show user page" do
diff --git a/spec/system/feedback_spec.rb b/spec/system/feedback_spec.rb

Original file line number	Diff line number	Diff line change
`@@ -46,10 +46,13 @@`
`46`	`46`	`}`
`47`	`47`
`48`	`48`	`.btn-primary {`
`49`		`- @apply py-2 px-4 bg-indigo-600 hover:bg-indigo-700 focus:bg-indigo-500 text-white font-semibold rounded-md shadow focus:outline-none cursor-pointer;`
	`49`	`+ @apply py-2 px-4 bg-indigo-600 hover:bg-indigo-700 focus:bg-indigo-500 text-white font-semibold rounded-md shadow focus:outline-none cursor-pointer whitespace-nowrap;`
	`50`	`+ }`
	`51`	`+ .btn-action {`
	`52`	`+ @apply py-2 px-4 bg-amber-500 hover:bg-amber-700 focus:bg-amber-600 text-white font-semibold rounded-md shadow focus:outline-none cursor-pointer whitespace-nowrap;`
`50`	`53`	`}`
`51`	`54`	`.btn-danger {`
`52`		`- @apply py-2 px-4 bg-red-600 hover:bg-red-700 focus:bg-red-500 text-white font-semibold rounded-md shadow focus:outline-none cursor-pointer;`
	`55`	`+ @apply py-2 px-4 bg-red-600 hover:bg-red-700 focus:bg-red-500 text-white font-semibold rounded-md shadow focus:outline-none cursor-pointer whitespace-nowrap;`
`53`	`56`	`}`
`54`	`57`
`55`	`58`	`.alert-error {`