user edit by admin

Author: kovson

app/models/ability.rb

@@ -3,7 +3,7 @@ class Ability
 
   def initialize(user)
     user ||= User.new # guest user (not logged in)
-    if user.admin?
+    if user.is_admin?
       can :manage, :all
     else
       can :manage, Post

app/models/user.rb

@@ -10,13 +10,9 @@ class User < ActiveRecord::Base
 
   scope :email_contains, -> (value) { where('email ILIKE ?', "%#{value.join}%") }
 
-  def admin?
-    has_role?(:admin)
-  end
-
   def token_validation_response
     self.as_json(except: [
       :tokens, :created_at, :updated_at
-    ]).merge("role" => self.roles.first.name)
+    ]).merge(roles: self.roles.map(&:name))
   end
 end

app/resources/user_resource.rb

@@ -1,14 +1,18 @@
 class UserResource < JSONAPI::Resource
   extend ModelFilter
-  attributes :email, :confirmed_at, :created_at
-  attribute :role
-
-  has_many :roles
+  attributes :email, :confirmed_at, :created_at, :roles
 
   paginator :paged
   model_filters :email_contains
 
-  def role
-    self._model.roles.first.name
+  def roles
+    @model.roles.pluck(:name)
+  end
+
+  def roles=(roles)
+    @model.roles.destroy_all
+    roles.map do |role|
+      @model.add_role role
+    end
   end
 end

client/src/api/normalize.js

@@ -45,6 +45,7 @@ const serializers = {
       keyForAttribute: 'camelCase',
       attributes: [
         'email',
+        'roles',
       ],
     }),
     deserializer: new Deserializer({

client/src/components/App.js

@@ -22,7 +22,7 @@ export class App extends Component {
 
   render() {
     const { user } = this.props;
-    const userIsAdmin = user.role === "admin"
+    const userIsAdmin = user.roles.includes('admin')
 
     return (
       <div>
@@ -51,7 +51,7 @@ export class App extends Component {
                 </DropdownToggle>
                 <DropdownMenu right>
                   <DropdownItem>
-                    <Link to="/profile">Profile</Link>
+                    <DropdownItem>Profile</DropdownItem>
                   </DropdownItem>
                   <DropdownItem href onClick={this.logout}> Logout </DropdownItem>
                 </DropdownMenu>

client/src/components/Profiles/ProfileEdit.js

@@ -8,10 +8,13 @@ import Dashboard from './Dashboard';
 import { PostList, PostEdit } from './Posts';
 import { CategoryList, CategoryEdit } from './Categories';
 import { UserList, UserEdit } from './Users';
-import { ProfileEdit } from './Profiles';
 import { Login } from './Auth';
 
 const UserIsAuthenticated = UserAuthWrapper({ authSelector: getUser });
+const UserIsAdmin = UserAuthWrapper({
+  authSelector: getUser,
+  predicate: user => user.roles.includes('admin')
+});
 
 export class Routes extends PureComponent {
   static propTypes = {
@@ -29,9 +32,8 @@ export class Routes extends PureComponent {
           <Route path="/posts/new" component={PostEdit}/>
           <Route path="/posts/:id" component={PostEdit}/>
           <Route path="/categories" component={CategoryList}/>
-          <Route path="/users" component={UserList}/>
-          <Route path="/users/:id" component={UserEdit}/>
-          <Route path="/profile" component={ProfileEdit}/>
+          <Route path="/users" component={UserIsAdmin(UserList)}/>
+          <Route path="/users/:id" component={UserIsAdmin(UserEdit)}/>
         </Route>
         <Route path="/login" component={Login}/>
       </Router>

client/src/components/Profiles/ProfileForm.js

@@ -14,7 +14,7 @@ export class UserEdit extends Component {
     fetchRoles();
 
     if (params.id) {
-      fetchResource({ id: params.id, include: 'roles' });
+      fetchResource({ id: params.id });
     }
   }