Finish user edit, update, index, and destroy actions

Gemfile

@@ -43,6 +43,9 @@ end
 
 # Use ActiveModel has_secure_password
 gem 'bcrypt-ruby', '~> 3.0.0'
+gem 'faker', '1.1.2'
+gem 'will_paginate', '3.0.4'
+gem 'bootstrap-will_paginate', '0.0.9'
 
 # Use unicorn as the app server
 # gem 'unicorn'

Gemfile.lock

@@ -30,6 +30,8 @@ GEM
     bcrypt-ruby (3.0.1)
     bootstrap-sass (2.3.2.0)
       sass (~> 3.2)
+    bootstrap-will_paginate (0.0.9)
+      will_paginate
     builder (3.1.4)
     capybara (2.1.0)
       mime-types (>= 1.16)
@@ -57,6 +59,8 @@ GEM
     factory_girl_rails (4.2.1)
       factory_girl (~> 4.2.0)
       railties (>= 3.0.0)
+    faker (1.1.2)
+      i18n (~> 0.5)
     ffi (1.9.0)
     formatador (0.2.4)
     guard (2.1.1)
@@ -187,6 +191,7 @@ GEM
       execjs (>= 0.3.0)
       multi_json (~> 1.0, >= 1.0.2)
     websocket (1.0.7)
+    will_paginate (3.0.4)
     xpath (2.0.0)
       nokogiri (~> 1.3)
 
@@ -196,10 +201,12 @@ PLATFORMS
 DEPENDENCIES
   bcrypt-ruby (~> 3.0.0)
   bootstrap-sass (= 2.3.2.0)
+  bootstrap-will_paginate (= 0.0.9)
   capybara (= 2.1.0)
   childprocess (= 0.3.6)
   coffee-rails (~> 4.0.0)
   factory_girl_rails (= 4.2.1)
+  faker (= 1.1.2)
   guard-rspec (= 2.5.0)
   guard-spork (= 1.5.0)
   jbuilder (= 1.0.2)
@@ -215,3 +222,4 @@ DEPENDENCIES
   sqlite3 (= 1.3.8)
   turbolinks (= 1.1.1)
   uglifier (= 2.1.1)
+  will_paginate (= 3.0.4)

app/assets/stylesheets/custom.css.scss

@@ -174,4 +174,19 @@ input {
 .field_with_errors {
   @extend .control-group;
   @extend .error;
+}
+
+/* Users index */
+.users {
+  list-style: none;
+  margin: 0;
+  li {
+    overflow: auto;
+    padding: 10px 0;
+    border-top: 1px solid $grayLighter;
+    &:last-child {
+      border-bottom: 1px solid $grayLighter;
+    }
+
+  }
 }

app/controllers/sessions_controller.rb

@@ -7,7 +7,7 @@ def create
 		if user && user.authenticate(params[:session][:password])
 			#sign in
 			sign_in user
-			redirect_to user
+			redirect_back_or user
 		else
 			flash.now[:error] = 'Invalid email/password combination'
 			render 'new'
@@ -16,5 +16,7 @@ def create
 	end
 
 	def destroy
+		sign_out
+		redirect_to root_url
 	end
 end

app/controllers/users_controller.rb

@@ -1,4 +1,12 @@
 class UsersController < ApplicationController
+  before_action :signed_in_user, only: [:index, :edit, :update]
+  before_action :correct_user, only: [:edit, :update]
+  before_action :admin_user, only: :destroy
+
+  def index
+    @users = User.paginate(page: params[:page])
+  end
+
   def show
   	@user = User.find(params[:id])
   end
@@ -18,14 +26,45 @@ def create
   	end
   end
 
+  def edit
+  end
+
+  def update
+    if @user.update_attributes(user_params)
+      #Handle a successful update.
+      flash[:success] = "Profile updated"
+      redirect_to @user
+    else
+      render 'edit'
+    end
+  end
+
+  def destroy
+    User.find(params[:id]).destroy
+    flash[:success] = "User deleted"
+    redirect_to users_url
+  end
+
   private
 
   def user_params
   	params.require(:user).permit(:name, :email, :password, :password_confirmation)
   end
 
-  def destroy
-    sign_out
-    redirect_to root_url
+  def signed_in_user
+    unless signed_in?
+      store_location
+      redirect_to signin_url, notice: "Please sign in." 
+    end
+  end
+
+  def correct_user
+    @user = User.find(params[:id])
+    redirect_to (root_url) unless current_user? (@user)
+  end
+
+  def admin_user
+    redirect_to(root_url) unless current_user.admin?
   end
+
 end

app/helpers/sessions_helper.rb

@@ -20,10 +20,24 @@ def current_user
 		@current_user ||= User.find_by(remember_token: remember_token)
 	end
 
+	def current_user?(user)
+		user == current_user
+	end
+
 	def sign_out
-		current_user.update_attribute(:new_remember_token,
+		current_user.update_attribute(:remember_token,
 										User.encrypt(User.new_remember_token))
 		cookies.delete(:remember_token)
 		self.current_user = nil
 	end
+
+
+	def redirect_back_or(default)
+		redirect_to (session[:return_to] || default)
+		session.delete(:return_to)
+	end
+
+	def store_location
+		session[:return_to] = request.url if request.get?
+	end
 end

app/views/layouts/_header.html.erb

@@ -7,13 +7,13 @@
           <li><%= link_to "Home",    root_path %></li>
           <li><%= link_to "Help",    help_path %></li>
           <% if signed_in? %>
-            <li><%= link_to "Users", '#' %></li>
+            <li><%= link_to "Users", users_path %></li>
             <li id="fat-menu" class="dropdown">
               <a href="#" class="dropdown-toggle" data-toggle="dropdown">Account <b class="caret"></b>
               </a>
               <ul class="dropdown-menu">
                 <li><%= link_to "Profile", current_user %></li>
-                <li><%= link_to "Settings", '#' %></li>
+                <li><%= link_to "Settings", edit_user_path(current_user) %></li>
                 <li class="divider"></li>
                 <li>
                   <%= link_to "Sign out", signout_path, method: "delete" %>

app/views/sessions/debug.html.erb

@@ -0,0 +1 @@
+session:<%= debug session[:return_to] %>

app/views/users/_user.html.erb

@@ -0,0 +1,8 @@
+<li>
+	<%= gravatar_for user, size: 52 %>
+	<%= link_to user.name, user %>
+	<% if current_user.admin? && !current_user?(user) %>
+		| <%= link_to "delete", user, method: :delete,
+									data: { confirm: "You sure?" } %>
+	<% end %>
+</li>

app/views/users/edit.html.erb

@@ -0,0 +1,26 @@
+<% provide(:title,  "Edit user") %>
+<h1>Update your profile</h1>
+
+<div class="row">
+	<div class="span6 offset3">
+		<%= form_for(@user) do |f| %>
+			<%= render 'shared/error_messages' %>
+
+			<%= f.label :name %>
+			<%= f.text_field :name %>
+
+			<%= f.label :email %>
+			<%= f.text_field :email %>
+
+			<%= f.label :password %>
+			<%= f.password_field :password %>
+
+			<%= f.label :password_confirmation, "Confirm Password" %>
+			<%= f.password_field :password_confirmation %>
+
+			<%= f.submit "Save changes", class: "btn btn-large btn-primary" %>
+		<% end %>
+		<%= gravatar_for @user %>
+		<a href="http://gravatar.com/emails">change</a>
+	</div>
+</div>

app/views/users/index.html.erb

@@ -0,0 +1,9 @@
+<% provide(:title, 'All users') %>
+<h1>All users</h1>
+<%= will_paginate %>
+<ul class="users">
+	<% @users.each do |user| %>
+	<%= render user %>
+	<% end %>
+</ul>
+<%= will_paginate %>

db/migrate/20140106063543_add_admin_to_users.rb

@@ -0,0 +1,5 @@
+class AddAdminToUsers < ActiveRecord::Migration
+  def change
+    add_column :users, :admin, :boolean, default: false
+  end
+end

db/schema.rb

@@ -11,7 +11,7 @@
 #
 # It's strongly recommended that you check this file into your version control system.
 
-ActiveRecord::Schema.define(version: 20131130175757) do
+ActiveRecord::Schema.define(version: 20140106063543) do
 
   create_table "users", force: true do |t|
     t.string   "name"
@@ -20,6 +20,7 @@
     t.datetime "updated_at"
     t.string   "password_digest"
     t.string   "remember_token"
+    t.boolean  "admin",           default: false
   end
 
   add_index "users", ["email"], name: "index_users_on_email", unique: true

lib/tasks/sample_data.rake

@@ -0,0 +1,19 @@
+namespace :db do
+	desc "Fill database with sample data"
+	task populate: :environment do
+		User.create!(name: "Example User",
+					 email: "[email protected]",
+					 password: "foobar",
+					 password_confirmation: "foobar",
+					 admin: true)
+		99.times do |n|
+			name = Faker::Name.name
+			email = "example-#{n+1}@railstutorial.org"
+			password = "password"
+			User.create!(name: name,
+						 email: email,
+						 password: password,
+						 password_confirmation: password)
+		end
+	end
+end

spec/factories.rb

@@ -1,8 +1,12 @@
 FactoryGirl.define do
 	factory :user do
-		name		"Michael Hartl"
-		email		"michael@example.com"
+		sequence(:name)	{ |n| "Person #{n}" }
+		sequence(:email) { |n| "person_#{n}@example.com" }
 		password	"foobar"
 		password_confirmation "foobar"
+
+		factory :admin do
+			admin true
+		end
 	end
 end

spec/models/user_spec.rb

@@ -15,8 +15,20 @@
   it { should respond_to(:password_confirmation) }
   it { should respond_to(:remember_token) }
   it { should respond_to(:authenticate) }
+  it { should respond_to(:admin) }
 
   it { should be_valid }
+  it { should_not be_admin }
+
+  describe "with admin attribute set to 'true'" do
+    before do
+      @user.save!
+      @user.toggle!(:admin)
+    end
+
+    it { should be_admin }
+  end
+
 
   describe "when name is not present" do
   	before { @user.name = " " }