Admin interface with manual email addition

This adds a feature where admins can manually associate emails with
users, without email confirmation - useful for helping people who wants
to add old email addresses they are no longer able to access.

Author: dutow

app/assets/stylesheets/application.postcss.css

@@ -22,4 +22,4 @@
 @import "components/stats.css";
 @import "components/reports.css";
 @import "components/help.css";
-@import "components/admin-merge.css";
+@import "components/admin.css";

…s/stylesheets/components/admin-merge.css …/assets/stylesheets/components/admin.cssapp/assets/stylesheets/components/admin-merge.css renamed to app/assets/stylesheets/components/admin.css app/assets/stylesheets/components/admin-merge.css renamed to app/assets/stylesheets/components/admin.css

@@ -1,3 +1,10 @@
+/* Admin Styles */
+
+/* Admin Users Table */
+.settings-page .email-table-wrap {
+  overflow-x: auto;
+}
+
 /* Admin Topic Merge Styles */
 
 .admin-merge-container {

app/controllers/admin/base_controller.rb

@@ -1,8 +1,16 @@
 # frozen_string_literal: true
 
 class Admin::BaseController < ApplicationController
+  layout 'admin'
+
   before_action :require_admin
 
+  helper_method :active_admin_section
+
+  def active_admin_section
+    :dashboard
+  end
+
   private
 
   def require_admin

app/controllers/admin/dashboard_controller.rb

@@ -0,0 +1,10 @@
+# frozen_string_literal: true
+
+class Admin::DashboardController < Admin::BaseController
+  def active_admin_section
+    :dashboard
+  end
+
+  def show
+  end
+end

app/controllers/admin/email_changes_controller.rb

@@ -0,0 +1,14 @@
+# frozen_string_literal: true
+
+class Admin::EmailChangesController < Admin::BaseController
+  def active_admin_section
+    :email_changes
+  end
+
+  def index
+    @email_changes = AdminEmailChange.includes(performed_by: { person: :default_alias },
+                                               target_user: { person: :default_alias })
+                                     .order(created_at: :desc)
+                                     .limit(100)
+  end
+end

app/controllers/admin/imap_sync_states_controller.rb

@@ -1,6 +1,10 @@
 # frozen_string_literal: true
 
-class Admin::ImapSyncStatesController < ApplicationController
+class Admin::ImapSyncStatesController < Admin::BaseController
+  def active_admin_section
+    :imap_sync
+  end
+
   def index
     @states = ImapSyncState.order(:mailbox_label)
     respond_to do |format|

app/controllers/admin/topic_merges_controller.rb

@@ -2,6 +2,10 @@
 
 class Admin::TopicMergesController < Admin::BaseController
   before_action :set_source_topic, only: [ :new, :preview, :create ]
+
+  def active_admin_section
+    :topic_merges
+  end
   before_action :set_target_topic, only: [ :preview, :create ]
 
   def index

app/controllers/admin/users_controller.rb

@@ -0,0 +1,89 @@
+# frozen_string_literal: true
+
+class Admin::UsersController < Admin::BaseController
+  before_action :set_user, only: [:toggle_admin, :new_email, :confirm_email, :add_email]
+
+  def active_admin_section
+    :users
+  end
+
+  def index
+    @users = User.active
+                 .includes(person: [:default_alias, :aliases])
+                 .order(created_at: :desc)
+                 .limit(params.fetch(:limit, 50).to_i)
+                 .offset(params.fetch(:offset, 0).to_i)
+  end
+
+  def toggle_admin
+    if @user == current_user
+      return redirect_to admin_users_path, alert: "You cannot change your own admin status."
+    end
+
+    @user.update!(admin: !@user.admin?)
+    redirect_to admin_users_path, notice: "#{@user.username || 'User'} is #{@user.admin? ? 'now' : 'no longer'} an admin."
+  end
+
+  def new_email
+  end
+
+  def confirm_email
+    @email = params[:email].to_s.strip.downcase
+    if @email.blank?
+      return redirect_to new_email_admin_user_path(@user), alert: "Email address is required."
+    end
+
+    @existing_aliases = Alias.by_email(@email)
+    @owned_by_other = @existing_aliases.where.not(user_id: [nil, @user.id]).exists?
+  end
+
+  def add_email
+    email = params[:email].to_s.strip.downcase
+    if email.blank?
+      return redirect_to admin_users_path, alert: "Email address is required."
+    end
+
+    person = @user.person || Person.create!
+    @user.update!(person_id: person.id) if @user.person_id.nil?
+
+    aliases = Alias.by_email(email)
+
+    if aliases.where.not(user_id: [nil, @user.id]).exists?
+      return redirect_to admin_users_path, alert: "Email is linked to another account. Cannot associate."
+    end
+
+    if aliases.exists?
+      aliases.find_each do |al|
+        person.attach_alias!(al, user: @user)
+        al.update_columns(verified_at: Time.current)
+      end
+
+      AdminEmailChange.create!(
+        performed_by: current_user,
+        target_user: @user,
+        email: email,
+        aliases_attached: aliases.count,
+        created_new_alias: false
+      )
+    else
+      al = Alias.create!(person: person, user: @user, name: email, email: email, verified_at: Time.current)
+      person.update!(default_alias_id: al.id) if person.default_alias_id.nil?
+
+      AdminEmailChange.create!(
+        performed_by: current_user,
+        target_user: @user,
+        email: email,
+        aliases_attached: 0,
+        created_new_alias: true
+      )
+    end
+
+    redirect_to admin_users_path, notice: "Email #{email} has been associated with #{@user.username || 'the user'}."
+  end
+
+  private
+
+  def set_user
+    @user = User.find(params[:id])
+  end
+end

app/helpers/admin_helper.rb

@@ -0,0 +1,13 @@
+# frozen_string_literal: true
+
+module AdminHelper
+  def admin_nav_link_class(section)
+    classes = ['settings-nav-link']
+    classes << 'active' if active_admin_section == section
+    classes.join(' ')
+  end
+
+  def active_admin_section
+    controller.respond_to?(:active_admin_section) ? controller.active_admin_section : :users
+  end
+end

app/models/admin_email_change.rb

@@ -0,0 +1,8 @@
+# frozen_string_literal: true
+
+class AdminEmailChange < ApplicationRecord
+  belongs_to :performed_by, class_name: "User"
+  belongs_to :target_user, class_name: "User"
+
+  validates :email, presence: true
+end