Merge pull request #2567 from alphagov/split-edit-user-page-and-move-…

…top-to-design-system Split "edit user" page and move top to GOV.UK Design System
alphagov · Dec 5, 2023 · 998a6ee · 998a6ee
2 parents 2bd159f + 1e98cb9
commit 998a6ee
Show file tree

Hide file tree

Showing 29 changed files with 717 additions and 296 deletions.
diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb
@@ -3,11 +3,11 @@
 class UsersController < ApplicationController
   include UserPermissionsControllerMethods
 
-  layout "admin_layout", only: %w[index event_logs require_2sv]
+  layout "admin_layout", only: %w[index edit event_logs require_2sv]
 
   before_action :authenticate_user!
   before_action :load_user, except: %i[index]
-  before_action :redirect_to_account_page_if_acting_on_own_user, only: %i[edit]
+  before_action :redirect_to_account_page_if_acting_on_own_user, only: %i[edit manage_permissions]
   before_action :authorize_user, except: %i[index]
   before_action :allow_no_application_access, only: [:update]
   before_action :redirect_legacy_filters, only: [:index]
@@ -31,7 +31,9 @@ def index
     end
   end
 
-  def edit
+  def edit; end
+
+  def manage_permissions
     @application_permissions = all_applications_and_permissions_for(@user)
   end
 
@@ -41,7 +43,7 @@ def update
       redirect_to users_path, notice: "Updated user #{@user.email} successfully"
     else
       @application_permissions = all_applications_and_permissions_for(@user)
-      render :edit
+      render :manage_permissions
     end
   end
 

diff --git a/app/helpers/users_helper.rb b/app/helpers/users_helper.rb
@@ -1,10 +1,22 @@
 module UsersHelper
   include Pundit::Authorization
 
+  def status(user)
+    user.status.humanize
+  end
+
   def two_step_status(user)
     user.two_step_status.humanize.capitalize
   end
 
+  def two_step_status_with_requirement(user)
+    if user.not_setup_2sv? && user.require_2sv?
+      "Required but #{two_step_status(user).downcase}"
+    else
+      two_step_status(user)
+    end
+  end
+
   def organisation_options(form_builder)
     accessible_organisations = policy_scope(Organisation)
     options_from_collection_for_select(
@@ -104,4 +116,79 @@ def user_role_select_hint
       ],
     }
   end
+
+  def summary_list_item_for_name(user)
+    { field: "Name", value: user.name, edit: { href: edit_user_name_path(user) } }
+  end
+
+  def summary_list_item_for_email(user)
+    { field: "Email", value: user.email, edit: { href: edit_user_email_path(user) } }
+  end
+
+  def summary_list_item_for_organisation(user)
+    item = { field: "Organisation", value: user.organisation_name }
+    item[:edit] = { href: edit_user_organisation_path(user) } if policy(user).assign_organisation?
+    item
+  end
+
+  def summary_list_item_for_role(user)
+    item = { field: "Role", value: user.role.humanize.capitalize }
+    item[:edit] = { href: edit_user_role_path(user) } if policy(user).assign_role?
+    item
+  end
+
+  def summary_list_item_for_status(user)
+    { field: "Status", value: status(user) }
+  end
+
+  def summary_list_item_for_2sv_status(user)
+    { field: "2-step verification", value: two_step_status_with_requirement(user) }
+  end
+
+  def link_to_access_log(user)
+    link_to "View account access log", event_logs_user_path(user)
+  end
+
+  def link_to_suspension(user)
+    return unless policy(user).suspension?
+
+    link_to user.suspended? ? "Unsuspend user" : "Suspend user", edit_suspension_path(user)
+  end
+
+  def link_to_resend_invitation(user)
+    return unless policy(user).resend_invitation?
+    return unless user.invited_but_not_yet_accepted?
+
+    link_to "Resend signup email", edit_user_invitation_resend_path(user)
+  end
+
+  def link_to_unlock(user)
+    return unless policy(user).unlock?
+    return unless user.access_locked?
+
+    link_to "Unlock account", edit_user_unlocking_path(user)
+  end
+
+  def link_to_2sv_exemption(user)
+    return unless policy(user).exempt_from_two_step_verification?
+
+    text = user.exempt_from_2sv? ? "Edit 2-step verification exemption" : "Exempt user from 2-step verification"
+    link_to text, edit_two_step_verification_exemption_path(user)
+  end
+
+  def link_to_reset_2sv(user)
+    return unless policy(user).reset_2sv?
+    return unless user.has_2sv?
+
+    link_to "Reset 2-step verification", edit_user_two_step_verification_reset_path(user)
+  end
+
+  def link_to_mandate_2sv(user)
+    return unless policy(user).mandate_2sv?
+    return if user.require_2sv?
+
+    text = "Turn on 2-step verification for this user"
+    text += " (this will remove their exemption)" if user.exempt_from_2sv?
+    link_to text, edit_user_two_step_verification_mandation_path(user)
+  end
 end
diff --git a/app/models/user.rb b/app/models/user.rb
@@ -304,6 +304,10 @@ def two_step_status
     end
   end
 
+  def not_setup_2sv?
+    two_step_status == TWO_STEP_STATUS_NOT_SET_UP
+  end
+
   def role_class
     Roles.const_get(role.classify)
   end
@@ -411,6 +415,10 @@ def belongs_to_gds?
     organisation.try(:content_id).to_s == Organisation::GDS_ORG_CONTENT_ID
   end
 
+  def organisation_name
+    organisation.present? ? organisation.name : Organisation::NONE
+  end
+
 private
 
   def two_step_mandated_changed?

diff --git a/app/policies/user_policy.rb b/app/policies/user_policy.rb
@@ -39,6 +39,7 @@ def edit?
   alias_method :reset_two_step_verification?, :edit?
   alias_method :resend_email_change?, :edit?
   alias_method :cancel_email_change?, :edit?
+  alias_method :manage_permissions?, :edit?
 
   def assign_role?
     current_user.superadmin?

diff --git a/app/presenters/user_export_presenter.rb b/app/presenters/user_export_presenter.rb
@@ -40,7 +40,7 @@ def row(user)
       user.sign_in_count,
       user.current_sign_in_at.try(:to_formatted_s, :db),
       user.created_at.try(:to_formatted_s, :db),
-      user.status.humanize,
+      status(user),
       two_step_status(user),
       user.expiry_date_for_2sv_exemption.try(:strftime, "%d/%m/%Y"),
     ].concat(app_permissions_for(user))

diff --git a/app/views/doorkeeper_applications/users_with_access.html.erb b/app/views/doorkeeper_applications/users_with_access.html.erb
@@ -38,10 +38,10 @@
       { text: formatted_user_name(user), format: user_name_format(user) },
       { text: user.email, format: 'email' },
       { text: user.role.humanize },
-      { text: user.organisation.try(:name) },
+      { text: user.organisation_name },
       { text: user.sign_in_count },
       { text: formatted_last_sign_in(user) },
-      { text: user.status.humanize },
+      { text: status(user) },
       { text: user.eager_loaded_permission_for(@application).to_sentence },
     ]
   end,

diff --git a/app/views/suspensions/edit.html.erb b/app/views/suspensions/edit.html.erb
@@ -1,4 +1,6 @@
-<% content_for :title, "Suspend [#{@user.name}]" %>
+<% content_for :title_caption, "Manage other users" %>
+<% content_for :title, "Suspend or unsuspend #{@user.name}" %>
+
 <% content_for :breadcrumbs,
    render("govuk_publishing_components/components/breadcrumbs", {
      collapse_on_mobile: true,
@@ -16,7 +18,7 @@
          url: user_path(@user),
        },
        {
-         title: "Suspend",
+         title: "Suspend or unsuspend",
        },
      ]
    })

diff --git a/app/views/users/_form_fields.html.erb b/app/views/users/_form_fields.html.erb