refactor: user management

2025-12-01 05:43:04 +00:00 · 2021-07-27 16:55:20 +00:00
--- a/app/views/users/_form.html.haml
+++ b/app/views/users/_form.html.haml
@@ -1,24 +1,44 @@
-= form_for @organization_user, :url => @organization_user.new_record? ? organization_users_path(organization) : organization_user_path(organization, @organization_user.user), :remote => true do |f|
+= form_for @user, :url => @user.new_record? ? users_path : user_path(@user), :remote => true do |f|
  = f.error_messages
-  = hidden_field_tag 'invite', params[:invite]
-  %fieldset.fieldSet
+  .fieldSet
+    .fieldSet__title
+      Enter user details
+    .fieldSet__field
+      = f.label :first_name, :class => 'fieldSet__label'
+      .fieldSet__input= f.text_field :first_name, :class => 'input input--text', :autofocus => true
+    .fieldSet__field
+      = f.label :last_name, :class => 'fieldSet__label'
+      .fieldSet__input= f.text_field :last_name, :class => 'input input--text'
    .fieldSet__field
      = f.label :email_address, :class => 'fieldSet__label'
-      .fieldSet__input
-        = f.text_field :email_address, :autofocus => true, :class => 'input input--text', :disabled => @organization_user.persisted?
+      .fieldSet__input= f.text_field :email_address, :class => 'input input--text', autocomplete: 'one-time-code'
+    - unless @user.persisted?
+      .fieldSet__field
+        = f.label :password, :class => 'fieldSet__label'
+        .fieldSet__input= f.password_field :password, :class => 'input input--text', :placeholder => '•••••••••••', autocomplete: 'one-time-code'
+      .fieldSet__field
+        = f.label :password_confirmation, "Confirm".html_safe, :class => 'fieldSet__label'
+        .fieldSet__input= f.password_field :password_confirmation, :class => 'input input--text', :placeholder => '•••••••••••', autocomplete: 'one-time-code'
+
+  %fieldset.fieldSet
    .fieldSet__title
      What level of access do you wish to grant?
+    .fieldSet__titleSubText
+      Admin users have full access to all organizations and settings. Non-admin users will only
+      have access to the organizations that you select here.
    .fieldSet__field
-      = f.label :admin, :class => 'fieldSet__label'
+      .fieldSet__label Admin?
      .fieldSet__input
-        = f.select :admin, [["No - do not grant admin access", false], ["Yes - grant admin access", true]], {},:class => 'input input--select'
-        %p.fieldSet__text
-          Users who have admin access will be permitted to manage the organization as if they had the same
-          access as the organization owner. This includes managing users, creating & deleting mail servers,
-          and even removing the account. This level of access should granted carefully.
-          Regardless of which level you select, this user will have access to all servers within the organization.
+        = hidden_field_tag 'user[organization_ids][]'
+        = f.select :admin, [["Yes - grant admin access", true], ["No - do not grant admin access", false]], {},:class => 'input input--select fieldSet__checkboxListAfter js-checkbox-list-toggle'
+        %ul.checkboxList{:class => [@user.admin? ? 'is-hidden' : '']}
+          - for org in Organization.order(:name).to_a
+            %li.checkboxList__item
+              .checkboxList__checkbox= check_box_tag "user[organization_ids][]", org.id, @user.organizations.include?(org), :id => "org_#{org.id}"
+              .checkboxList__label
+                = label_tag "org_#{org.id}", org.name, :class => 'checkboxList__actualLabel'

  .fieldSetSubmit.buttonSet
-    = submit_tag @organization_user.new_record? ? "Add User" : "Save User", :class => 'button button--positive js-form-submit'
+    = submit_tag @user.new_record? ? "Add User" : "Save User", :class => 'button button--positive js-form-submit'
    .fieldSetSubmit__delete
-      = link_to "Back to user list", [organization, :users], :class => 'button button--neutral'
+      = link_to "Back to user list", :users, :class => 'button button--neutral'
--- a/app/views/users/edit.html.haml
+++ b/app/views/users/edit.html.haml
@@ -3,13 +3,10 @@
 .pageHeader
  %h1.pageHeader__title
    %span.pageHeader__titlePrevious
-      = @organization.name
-      &rarr;
-      Users
+      = link_to 'Users', users_path
      &rarr;
    Edit user permissions

-= render 'organizations/nav', :active_nav => :users
 .pageContent.pageContent--compact
  = render 'form'

--- a/app/views/users/index.html.haml
+++ b/app/views/users/index.html.haml
@@ -1,57 +1,21 @@
 - page_title << "Users"
 .pageHeader
  %h1.pageHeader__title
-    %span.pageHeader__titlePrevious
-      = @organization.name
-      &rarr;
    Users

-= render 'organizations/nav', :active_nav => :users
 .pageContent.pageContent--compact
-  - if @users.empty? && @pending_users.empty?
-    .noData.noData--clean
-      %p.noData__title There are no users assigned to this organization.
-      %p.noData__text
-        You add additional users that will be permitted to access this organization.
-        They will be sent an email and they'll be able to create an account which will
-        allow them to login and access this organization.
-      %p.noData__button.buttonSet.buttonSet--center
-        = link_to "Invite the first user", [:new, organization, :user], :class => 'button button--positive'
+  %ul.userList.u-margin
+    - for user in @users
+      %li.userList__item
+        = image_tag user.avatar_url, :class => 'userList__avatar'
+        .userList__details
+          %p.userList__name
+            = user.name
+            - if user.admin?
+              %span.userList__admin.label Admin
+          %p.userList__email= user.email_address
+        %ul.userList__actions
+          %li= link_to "Edit permissions", [:edit, user]
+          %li= link_to "Delete user", user, :method => :delete, :data => {:confirm => "Are you sure you wish to revoke #{user.name}'s access?", :disable_with => "Deleting..."}, :remote => true, :class => 'userList__revoke'

-  - else
-    %p.pageContent__intro.u-margin
-      You can share access to this organization with other people by adding them
-      here. They'll need to create their own account first and then you'll be able
-      to add them to your organization by entering their e-mail address.
-
-    %ul.userList.u-margin
-      - for user in @users
-        %li.userList__item
-          = image_tag user.user.avatar_url, :class => 'userList__avatar'
-          .userList__details
-            %p.userList__name
-              = user.user.name
-              - if user.user == organization.owner
-                %span.userList__owner.label Owner
-              - elsif user.admin?
-                %span.userList__admin.label Admin
-            %p.userList__email= user.user.email_address
-          %ul.userList__actions
-            - if organization.owner != user.user
-              %li= link_to "Edit permissions", [:edit, organization, user.user]
-              - if organization.owner == current_user
-                %li= link_to "Make owner", [:make_owner, organization, user.user], :method => :post, :data => {:confirm => "Are you sure you wish to make #{user.user.name} the owner of this organization? They will be granted full admin access. You won't be able to change this back.", :disable_with => "Promoting..."}, :remote => true
-              %li= link_to "Revoke access", [organization, user.user], :method => :delete, :data => {:confirm => "Are you sure you wish to revoke #{user.user.name}'s access to the organization?", :disable_with => "Deleting..."}, :remote => true, :class => 'userList__revoke'
-      - for user in @pending_users
-        %li.userList__item
-          = image_tag user.user.avatar_url, :class => 'userList__avatar'
-          .userList__details
-            %p.userList__name
-              = user.user.email_address
-              %span.userList__pending.label Pending
-          %ul.userList__actions
-            %li= link_to "Edit permissions", edit_organization_user_path(organization, user.user, :invite => 1)
-            %li= link_to "Cancel invitation", organization_user_path(organization, user.user, :invite => 1), :method => :delete, :data => {:confirm => "Are you sure you wish to cancel this invitation?", :disable_with => "Deleting..."}, :remote => true, :class => 'userList__revoke'
-
-
-    %p.u-center= link_to "Invite a new user", [:new, organization, :user], :class => 'button button--positive'
+  %p.u-center= link_to "Add a new user", :new_user, :class => 'button button--positive'
--- a/app/views/users/new.html.haml
+++ b/app/views/users/new.html.haml
@@ -3,17 +3,14 @@
 .pageHeader
  %h1.pageHeader__title
    %span.pageHeader__titlePrevious
-      = @organization.name
-      &rarr;
-      Users
+      = link_to 'Users', :users
      &rarr;
    Add user

-= render 'organizations/nav', :active_nav => :users
 .pageContent.pageContent--compact
  %p.pageContent__intro.u-margin
-    To add someone to your organization enter their e-mail address below. If
-    they don't already have a Postal account, they'll need to create one
-    before you can add them to your account.
+    To add someone to this Postal installation, you can add them below. You'll need to
+    choose whether to make them an admin (full access to all organizations and settings)
+    or whether you wish to limit them to specific organizations.
  = render 'form'