Add admin column to Users

app/controllers/users_controller.rb

@@ -1,7 +1,7 @@
 class UsersController < ApplicationController
 
   before_action :set_user, only: [:show, :edit, :update, :destroy]
-  before_action :correct_user, only: [:edit, :update]
+  before_action :check_permission, only: [:edit, :update]
 
   def index
     respond_to do |format|
@@ -40,16 +40,27 @@ class UsersController < ApplicationController
       allowed = [:login, :email, :password, :password_confirmation,
                 :phone, :picture]
 
-      if current_user.is_administrator_at?(@user.school)
+      if can_administer?
         allowed += [:gender, :birth_date, :name]
       end
 
+      if current_user.admin?
+        allowed += [:admin]
+      end
+
       params.require(:user).permit(*allowed)
     end
 
     # Confirms the correct user.
-    def correct_user
-      redirect_to(root_url) unless current_user?(@user) ||
-                                current_user.is_administrator_at?(@user.school)
+    def check_permission
+      redirect_to(root_url) unless can_edit?
+    end
+
+    def can_edit?
+      current_user?(@user) || can_administer?
+    end
+
+    def can_administer?
+      current_user.is_administrator_at?(@user.school) || current_user.admin?
     end
 end

db/migrate/20180210170344_add_admin_to_users.rb

@@ -0,0 +1,5 @@
+class AddAdminToUsers < ActiveRecord::Migration[5.1]
+  def change
+    add_column :users, :admin, :boolean, default: false
+  end
+end

db/schema.rb

@@ -10,7 +10,7 @@
 #
 # It's strongly recommended that you check this file into your version control system.
 
-ActiveRecord::Schema.define(version: 20180119161200) do
+ActiveRecord::Schema.define(version: 20180210170344) do
 
   create_table "administrations", force: :cascade do |t|
     t.integer "user_id"
@@ -67,6 +67,7 @@ ActiveRecord::Schema.define(version: 20180119161200) do
     t.date "birth_date"
     t.string "picture"
     t.integer "school_id"
+    t.boolean "admin", default: false
     t.index ["login"], name: "index_users_on_login", unique: true
     t.index ["school_id_id"], name: "index_users_on_school_id_id"
   end

db/seeds.rb

@@ -15,7 +15,8 @@ user = User.create!(name:  "Example User",
              password_confirmation: "foobar",
              birth_date: 15.years.ago,
              phone:      "(333) 333-3333",
-             school: school)
+             school: school,
+             admin: true)
 
 school.administrators << user
 school.save

test/controllers/users_controller_test.rb

@@ -5,6 +5,7 @@ class UsersControllerTest < ActionDispatch::IntegrationTest
     @user = users(:daniel)
     @other_user = users(:ben)
     @student_user = users(:billy)
+    @global_admin = users(:admin)
   end
 
   test "should display age correctly" do
@@ -69,10 +70,17 @@ class UsersControllerTest < ActionDispatch::IntegrationTest
     assert_redirected_to root_url
   end
 
-  test "should update name attribute when logged in as admin" do
+  test "should update name attribute when logged in as school admin" do
     log_in_as(@user)
     patch user_url(@student_user), params: { user: { name: "New Name" } }
-    assert_equal @student_user.reload.name, "New Name"
+    assert_equal "New Name", @student_user.reload.name
+    assert_redirected_to user_url(@student_user)
+  end
+
+  test "should update name attribute when logged in as global admin" do
+    log_in_as(@global_admin)
+    patch user_url(@student_user), params: { user: { name: "New Name" } }
+    assert_equal "New Name", @student_user.reload.name
     assert_redirected_to user_url(@student_user)
   end
 end

test/fixtures/users.yml

@@ -28,3 +28,11 @@ billy:
   password_digest: <%= User.digest('password') %>
   birth_date: <%= 11.years.ago %>
   school: two
+
+admin:
+  login: admin
+  name: Admin Administrator
+  email: admin@example.com
+  password_digest: <%= User.digest('password') %>
+  birth_date: <%= Time.now %>
+  admin: true