diff --git a/app/controllers/admin/users_controller.rb b/app/controllers/admin/users_controller.rb
index 156272f3a0e6d97351c6ccdf74533791665501c3..122be9729080707ea6d0024449d06e01e7e66d6e 100644
--- a/app/controllers/admin/users_controller.rb
+++ b/app/controllers/admin/users_controller.rb
@@ -14,10 +14,6 @@ class Admin::UsersController < Admin::ApplicationController
 breadcrumb
 end
- def new
- breadcrumb
- end
-
 def edit
 breadcrumb
 add_breadcrumb t('edit')
@@ -36,22 +32,9 @@ class Admin::UsersController < Admin::ApplicationController
 redirect_back fallback_location: [:admin, about]
 end
- def create
- # we don't want the confirmation mail to be send when the user is created from admin!
- @user.skip_confirmation!
- @user.modified_by = current_user
- if @user.save
- redirect_to [:admin, @user], notice: t('admin.successfully_created_html', model: @user.to_s)
- else
- breadcrumb
- render :new, status: :unprocessable_entity
- end
- end
-
 def update
 @user.modified_by = current_user
 @user.skip_reconfirmation!
- manage_password
 if @user.update(user_params)
 redirect_to [:admin, @user], notice: t('admin.successfully_updated_html', model: @user.to_s)
 else
@@ -92,19 +75,8 @@ class Admin::UsersController < Admin::ApplicationController
 def user_params
 params.require(:user)
- .permit(:email, :first_name, :last_name, :role, :password, :language_id, :picture, :picture_delete, :picture_infos, :mobile_phone, programs_to_manage_ids: [], websites_to_manage_ids: [])
+ .permit(:email, :first_name, :last_name, :role, :language_id, :picture, :picture_delete, :picture_infos, :mobile_phone, programs_to_manage_ids: [], websites_to_manage_ids: [])
 .merge(university_id: current_university.id)
 end
- def manage_password
- # to prevent cognitive complexity (the bottom block should be in an if condition where password present)
- # Password not provided when user from sso
- params[:user][:password] ||= ''
-
- if params[:user][:password].blank?
- params[:user].delete(:password)
- else
- @user.reset_password(params[:user][:password], params[:user][:password])
- end
- end
 end
diff --git a/app/controllers/users/registrations_controller.rb b/app/controllers/users/registrations_controller.rb
index 8cfedc5222a5fa063da0ae499c351d894ee5964e..9581173cf2b163f23a5caaa2b8e7636f809dfa41 100644
--- a/app/controllers/users/registrations_controller.rb
+++ b/app/controllers/users/registrations_controller.rb
@@ -17,16 +17,6 @@ class Users::RegistrationsController < Devise::RegistrationsController
 end
 def update
- # to prevent cognitive complexity (the bottom block should be in an if condition where password present)
- # Password not provided when user from sso
- params[:user][:password] ||= ''
-
- if params[:user][:password].blank?
- params[:user].delete(:password)
- else
- resource.reset_password(params[:user][:password], params[:user][:password])
- end
-
 super do |resource|
 # Re-set I18n.locale in case of language change.
 I18n.locale = resource.language.iso_code.to_sym
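Review bot: The permit list in `user_params` drops `:password` without recording that the omission is deliberate, so a later edit could re-add it unnoticed; a comment above the call such as `# :password is intentionally not permitted: admins must not set another user's password` would pin the intent. The list still accepts `:role`, `programs_to_manage_ids` and `websites_to_manage_ids` from the request, and the form's `current_user.managed_roles` collection (visible in the `_form.html.erb` hunk) only limits the rendered options. Whether the model checks the submitted role against `modified_by` is not visible in this diff; if it does not, a hand-built request could assign a role the acting admin is not allowed to grant, so that check is worth confirming.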
@@ -40,7 +30,12 @@ class Users::RegistrationsController < Devise::RegistrationsController
 end
 def update_resource(resource, params)
- resource.update(params)
+ if params[:password].blank?
+ params.delete(:current_password)
+ resource.update_without_password(params)
+ else
+ resource.update_with_password(params)
+ end
 end
 def configure_sign_up_params
diff --git a/app/views/admin/users/_form.html.erb b/app/views/admin/users/_form.html.erb
index e00b89b2e2d2252abe79793b78879e73afe7de26..f5f8ae2715602ff24ea2e41a536019b97322b2bb 100644
--- a/app/views/admin/users/_form.html.erb
+++ b/app/views/admin/users/_form.html.erb
@@ -13,19 +13,6 @@
 label_method: lambda { |l| t("languages.#{l.iso_code.to_s}") } %>
 </div>
 <div class="col-md-4">
- <%= f.input :password,
- as: :password_with_hints,
- required: user.new_record?,
- hint: user.new_record? ? nil : t('admin.password_hint'),
- allow_password_uncloaking: true,
- validators: {
- length: Devise.password_length.first,
- uppercase_char: true,
- lowercase_char: true,
- numeric_char: true,
- special_char: Rails.application.config.allowed_special_chars
- },
- input_html: { autocomplete: "new-password" } %>
 <%= f.input :mobile_phone %>
 <%= f.input :role, include_blank: false, collection: current_user.managed_roles, label_method: lambda { |k| t("activerecord.attributes.user.roles.#{k[1]}")} %>
 <div data-show-for-roles="program_manager">
diff --git a/app/views/admin/users/index.html.erb b/app/views/admin/users/index.html.erb
index 288e6602ceab46ef1e2c621fea2c4ff6dc6f58dc..9cc8ab89e282ef0181f7c8a8ae851e11658e5e94 100644
--- a/app/views/admin/users/index.html.erb
+++ b/app/views/admin/users/index.html.erb
@@ -40,6 +40,3 @@
 <%= paginate @users, theme: 'bootstrap-5' %>
-<% content_for :action_bar_right do %>
- <%= create_link User %>
-<% end %>
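Review bot: `update_resource` sends every request with a blank `password` through `update_without_password`, so the remaining account fields can be changed from an authenticated session without the current password. That includes `email` if it is among the permitted account-update keys (Devise permits it by default; the sanitizer setup is outside this hunk), and a changed address is enough to take over the account through the password-reset flow. The e-mail change should get the same check as a password change, for example `if params[:password].blank? && (params[:email].blank? || params[:email] == resource.email)`. Accounts created through SSO may have no usable password, so how they change their address needs an explicit decision, and a request spec covering both branches would keep the rule from regressing.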
diff --git a/app/views/admin/users/new.html.erb b/app/views/admin/users/new.html.erb
deleted file mode 100644
index a28983ec7a48ac8f9e5007b6b87987295d0ca8fb..0000000000000000000000000000000000000000
--- a/app/views/admin/users/new.html.erb
+++ /dev/null
@@ -1,3 +0,0 @@
-<% content_for :title, 'Créer' %>
-
-<%= render 'form', user: @user %>
diff --git a/app/views/devise/registrations/edit.html.erb b/app/views/devise/registrations/edit.html.erb
index 0120f5a8e0e681578a1696360230a9f32eabb3e8..aa10ad66211bdd07c3ba9b31f0c73707f4dbc936 100644
--- a/app/views/devise/registrations/edit.html.erb
+++ b/app/views/devise/registrations/edit.html.erb
@@ -19,6 +19,33 @@
 label_method: lambda { |l| t("languages.#{l.iso_code.to_s}") } %>
 <%= f.input :admin_theme, include_blank: false %>
 </div>
+ <div class="col-lg-6">
+
+ <%= f.input :mobile_phone %>
+ <%= f.input :picture,
+ as: :single_deletable_file,
+ input_html: { accept: default_images_formats_accepted },
+ preview: 200,
+ resize: 1,
+ direct_upload: true %>
+ <% if devise_mapping.confirmable? && resource.pending_reconfirmation? %>
+ <p><%= t(".currently_waiting_confirmation_for_email", email: resource.unconfirmed_email) %></p>
+ <% end %>
+ </div>
+ </div>
+
+
+ <h3 class="mt-5 mb-4"><%= t("devise.passwords.edit.new") %></h3>
+
+ <div class="row">
+ <div class="col-lg-6">
+ <%= f.input :current_password,
+ as: :password,
+ input_html: { autocomplete: "current-password" } %>
+ </div>
+ </div>
+
+ <div class="row">
 <div class="col-lg-6">
 <%= f.input :password,
 as: :password_with_hints,
@@ -30,21 +57,19 @@
 numeric_char: true,
 special_char: Rails.application.config.allowed_special_chars
 },
- hint: t(".leave_blank_if_you_don_t_want_to_change_it"),
+ label: t('devise.passwords.edit.new_password'),
 required: false,
 input_html: { autocomplete: "new-password" } %>
- <%= f.input :mobile_phone %>
- <%= f.input :picture,
- as: :single_deletable_file,
- input_html: { accept: default_images_formats_accepted },
- preview: 200,
- resize: 1,
- direct_upload: true %>
- <% if devise_mapping.confirmable? && resource.pending_reconfirmation? %>
- <p><%= t(".currently_waiting_confirmation_for_email", email: resource.unconfirmed_email) %></p>
- <% end %>
+ </div>
+ <div class="col-lg-6">
+ <%= f.input :password_confirmation,
+ as: :password_with_sync,
+ allow_password_uncloaking: true,
+ compare_with_field: :password,
+ input_html: { autocomplete: "new-password" } %>
 </div>
 </div>
+
 <% content_for :action_bar_right do %>
 <%= submit f %>
 <% end %>
diff --git a/config/routes.rb b/config/routes.rb
index 2d75270688eb81113da9f1ed8be79b6339f6a388..1092e049f5d3a7d42eee6ce456a465c40d981013 100644
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -19,7 +19,7 @@ Rails.application.routes.draw do
 end
 namespace :admin do
- resources :users do
+ resources :users, except: [:new, :create] do
 post 'resend_confirmation_email' => 'users#resend_confirmation_email', on: :member
 patch 'unlock' => 'users#unlock', on: :member
 end