[feature] Add ability to deactivate accounts

Fixes #129

Author: sman591

app/assets/javascripts/manage/lib/setupDataTables.js

@@ -38,6 +38,7 @@ var setupDataTables = function() {
       { orderable: true, data: "id", visible: false },
       { orderable: true, data: "email" },
       { orderable: true, data: "role" },
+      { orderable: true, data: "active" },
       { orderable: true, data: "created_at" }
     ]
   });

app/controllers/manage/admins_controller.rb

@@ -46,7 +46,7 @@ def destroy
 
   def user_params
     params.require(:user).permit(
-      :email, :password, :password_confirmation, :remember_me, :role
+      :email, :password, :password_confirmation, :remember_me, :role, :is_active
     )
   end
 

app/datatables/admin_datatable.rb

@@ -3,10 +3,11 @@ class AdminDatatable < AjaxDatatablesRails::Base
 
   def view_columns
     @view_columns ||= {
-      id: { source: 'User.id' },
-      email: { source: 'User.email' },
-      role: { source: 'User.role', searchable: false },
-      created_at: { source: 'User.created_at', searchable: false }
+      id: { source: "User.id" },
+      email: { source: "User.email" },
+      role: { source: "User.role", searchable: false },
+      active: { source: "User.is_active", searchable: false },
+      created_at: { source: "User.created_at", searchable: false },
     }
   end
 
@@ -18,7 +19,8 @@ def data
         id: record.id,
         email: link_to(bold(record.email), manage_admin_path(record)),
         role: record.role.titleize,
-        created_at: display_datetime(record.created_at)
+        active: record.is_active ? '<span class="badge badge-secondary">Active</span>'.html_safe : '<span class="badge badge-danger">Inactive<span>'.html_safe,
+        created_at: display_datetime(record.created_at),
       }
     end
   end
@@ -27,5 +29,6 @@ def data
   def get_raw_records
     User.where(role: [:admin, :admin_limited_access, :event_tracking])
   end
+
   # rubocop:enable Naming/AccessorMethodName
 end

app/models/user.rb

@@ -23,7 +23,7 @@ def set_default_role
   end
 
   def active_for_authentication?
-    true
+    super && is_active
   end
 
   def send_devise_notification(notification, *args)
@@ -59,9 +59,9 @@ def self.from_omniauth(auth)
     matching_provider = where(provider: auth.provider, uid: auth.uid)
     matching_email = where(email: auth.info.email)
     matching_provider.or(matching_email).first_or_create do |user|
-      user.uid               = auth.uid
-      user.email             = auth.info.email
-      user.password          = Devise.friendly_token[0, 20]
+      user.uid = auth.uid
+      user.email = auth.info.email
+      user.password = Devise.friendly_token[0, 20]
     end
   end
 

app/views/manage/admins/_form.html.haml

@@ -12,6 +12,7 @@
     .form-inputs
       = f.input :email, input_html: { "data-validate" => "presence" }, required: true
       = f.input :role, collection: User.roles.to_a.collect{|c| [c[0].titleize, c[0]]}, include_blank: false
+      = f.input :is_active, collection: [['Active', true], ['Inactive', false]], as: :radio_buttons
 
     .center
       = f.button :submit, value: ( @user.new_record? ? 'Create' : 'Save' ), class: 'btn-primary'

app/views/manage/admins/index.html.haml

@@ -8,5 +8,6 @@
         %th ID
         %th Email
         %th Role
+        %th Login access
         %th Registered on
     %tbody

app/views/manage/admins/show.html.haml

@@ -12,6 +12,13 @@
     %b Role:
     = @user.role.titleize
 
+  %p
+    %b Login access:
+    - if @user.is_active
+      %span.badge.badge-success Active
+    - else
+      %span.badge.badge-danger Inactive
+
   %p
     %b Registered:
     = display_datetime(@user.created_at)

config/locales/en.yml

@@ -44,6 +44,7 @@ en:
         notes: Notes are shared with applicants. Supports Markdown and HTML.
       user:
         role: Limited access prevents the admin from adding, modifying, or deleting any records; modifications through the check-in process are allowed. Event tracking limits to only event tracking.
+        is_active: Deactivating a user will prevent them from logging in. Their access will be immediately revoked from the admin and application pages.
       message:
         type: Bulk emails are sent once, manually. Automated emails are sent upon a desired trigger/event.
         name: A friendly name to recognize this email. Applicants won't see this.
@@ -100,6 +101,8 @@ en:
       user:
         email: [email protected]
     labels:
+      user:
+        is_active: Login access
       hackathon_config:
         name: Hackathon Name
         email_from: From Email

db/migrate/20190521213729_add_is_active_to_users.rb

@@ -0,0 +1,5 @@
+class AddIsActiveToUsers < ActiveRecord::Migration[5.2]
+  def change
+    add_column :users, :is_active, :boolean, default: true
+  end
+end

db/schema.rb

@@ -10,7 +10,7 @@
 #
 # It's strongly recommended that you check this file into your version control system.
 
-ActiveRecord::Schema.define(version: 2019_05_21_171801) do
+ActiveRecord::Schema.define(version: 2019_05_21_213729) do
 
   create_table "active_storage_attachments", options: "ENGINE=InnoDB DEFAULT CHARSET=utf8", force: :cascade do |t|
     t.string "name", null: false
@@ -268,6 +268,7 @@
     t.string "uid"
     t.datetime "reminder_sent_at"
     t.integer "role", default: 0
+    t.boolean "is_active", default: true
     t.index ["email"], name: "index_users_on_email", unique: true
     t.index ["provider"], name: "index_users_on_provider"
     t.index ["reset_password_token"], name: "index_users_on_reset_password_token", unique: true