| 1 | # frozen_string_literal: true |
| 2 | |
| 3 | module Admin |
| 4 | # Browse and inspect user accounts; grant or revoke staff (admin) access. |
| 5 | # Listing/search lives in Admin::UserSearch; this controller just handles the |
| 6 | # request and the two state-changing actions. |
| 7 | class UsersController < BaseController |
| 8 | def index |
| 9 | @search = UserSearch.new(params) |
| 10 | end |
| 11 | |
| 12 | def show |
| 13 | @user = User.find_by!(username: params[:id]) |
| 14 | @subscription = @user.subscription |
| 15 | @repositories = @user.repositories.order(updated_at: :desc).limit(20) |
| 16 | @repos_count = @user.repositories.count |
| 17 | @cloud_used = @user.cloud_requests_used |
| 18 | @cloud_allow = @user.cloud_allowance |
| 19 | rescue ActiveRecord::RecordNotFound |
| 20 | redirect_to admin_users_path, alert: "User not found." |
| 21 | end |
| 22 | |
| 23 | def grant_admin |
| 24 | user = User.find_by!(username: params[:id]) |
| 25 | user.update!(admin: true) |
| 26 | redirect_to admin_user_path(user.username), notice: "Granted admin to #{user.username}." |
| 27 | end |
| 28 | |
| 29 | def revoke_admin |
| 30 | user = User.find_by!(username: params[:id]) |
| 31 | |
| 32 | if user == current_user |
| 33 | return redirect_to admin_user_path(user.username), |
| 34 | alert: "You can't revoke your own admin access." |
| 35 | end |
| 36 | |
| 37 | user.update!(admin: false) |
| 38 | redirect_to admin_user_path(user.username), notice: "Revoked admin from #{user.username}." |
| 39 | end |
| 40 | end |
| 41 | end |