Merge branch 'dev' into shopping-cart

app/models/user.rb

@@ -4,6 +4,15 @@ class User < ApplicationRecord
   devise :database_authenticatable, :registerable,
          :recoverable, :rememberable, :validatable
 
+  # Include default devise modules. Others available are:
+
+  enum role: %i[user moderator admin]
+  after_initialize :set_default_role, if: :new_record?
+
+  def set_default_role
+    self.role ||= :user
+  end
+
   has_many :news, foreign_key: :user_id, class_name: 'News', dependent: :destroy
   has_many :clubs, foreign_key: :user_id, class_name: 'Club', dependent: :destroy
 end

app/views/news/index.html.erb

@@ -1,7 +1,13 @@
-<div class="p-6 bg-[#FAE115] font-bold uppercase text-5xl flex justify-between">
-  NEWS  <% if current_user %>
-    <%=link_to "Add News", new_news_path, class: "normal-case border-2 border-[#fff] hover:bg-[#fff] font-normal lg:text-2xl md:text-xl sm:text-sm sm:text-xl text-white hover:text-[#FAE115] p-2 rounded-full mb-2" %>
+<div class="p-4 pl-6 bg-[#FAE115] font-bold uppercase text-4xl flex justify-between">
+  NEWS
+  <div>
+    <% if current_user %>
+      <% if current_user.moderator? or current_user.admin?  %>
+        <%=link_to "Add News", new_news_path, class: "normal-case border-2 border-[#fff] hover:bg-[#fff] font-normal lg:text-2xl md:text-xl sm:text-sm sm:text-xl text-white hover:text-[#FAE115] p-2 rounded-full mb-2" %>
+      <% end %>
+      <%= current_user.role %>
   <% end %>
+  </div>
 </div>
 <div class="bg-gray-300 flex text-3xl py-3 px-5 md:mx-10 md:gap-20">
   <p>Latest News</p>

app/views/news/show.html.erb

@@ -1,5 +1,5 @@
 <div class="shadow-md">
-<div class="p-8 bg-[#FAE115] font-bold uppercase text-3xl">
+<div class="p-4 pl-6 bg-[#FAE115] font-bold uppercase text-3xl">
   <p>NEWS | <%= @news.header_news %></p>
 </div>
 

config/database.yml

@@ -32,7 +32,7 @@ development:
   # The specified database role being used to connect to postgres.
   # To create additional roles in postgres see `$ createuser --help`.
   # When left blank, postgres will use the default role. This is
-  # the same name as the operating system user running Rails.
+  # the same name as the operating system users running Rails.
   #username: mseals
 
   # The password associated with the postgres role (username).
@@ -47,7 +47,7 @@ development:
   # If your server runs on a different port number, change accordingly.
   #port: 5432
 
-  # Schema search path. The server defaults to $user,public
+  # Schema search path. The server defaults to $users,public
   #schema_search_path: myapp,sharedapp,public
 
   # Minimum log levels, in increasing order:

config/initializers/devise.rb

@@ -39,9 +39,9 @@
   require 'devise/orm/active_record'
 
   # ==> Configuration for any authentication mechanism
-  # Configure which keys are used when authenticating a user. The default is
+  # Configure which keys are used when authenticating a users. The default is
   # just :email. You can configure it to use [:username, :subdomain], so for
-  # authenticating a user, both parameters are required. Remember that those
+  # authenticating a users, both parameters are required. Remember that those
   # parameters are used only when authenticating and not when retrieving from
   # session. If you need permissions, you should implement that in a before filter.
   # You can also supply a hash where the value is a boolean determining whether
@@ -56,13 +56,13 @@
   # config.request_keys = []
 
   # Configure which authentication keys should be case-insensitive.
-  # These keys will be downcased upon creating or modifying a user and when used
-  # to authenticate or find a user. Default is :email.
+  # These keys will be downcased upon creating or modifying a users and when used
+  # to authenticate or find a users. Default is :email.
   config.case_insensitive_keys = [:email]
 
   # Configure which authentication keys should have whitespace stripped.
   # These keys will have whitespace before and after removed upon creating or
-  # modifying a user and when used to authenticate or find a user. Default is :email.
+  # modifying a users and when used to authenticate or find a users. Default is :email.
   config.strip_whitespace_keys = [:email]
 
   # Tell if authentication through request.params is enabled. True by default.
@@ -92,7 +92,7 @@
   # Does not affect registerable.
   # config.paranoid = true
 
-  # By default Devise will store the user in session. You can skip storage for
+  # By default Devise will store the users in session. You can skip storage for
   # particular strategies by setting this option.
   # Notice that if you are skipping storage for all authentication paths, you
   # may want to disable generating routes to Devise's sessions controller by
@@ -128,28 +128,28 @@
   # Set up a pepper to generate the hashed password.
   # config.pepper = '53822594a35602814ec41bea69b8f684abe242edc29ef9c564c0300239d65e76dad977a2a625900ccb50f674ccaec75e7858b258a883ffb79b97180924f68f59'
 
-  # Send a notification to the original email when the user's email is changed.
+  # Send a notification to the original email when the users's email is changed.
   # config.send_email_changed_notification = false
 
-  # Send a notification email when the user's password is changed.
+  # Send a notification email when the users's password is changed.
   # config.send_password_change_notification = false
 
   # ==> Configuration for :confirmable
-  # A period that the user is allowed to access the website even without
-  # confirming their account. For instance, if set to 2.days, the user will be
+  # A period that the users is allowed to access the website even without
+  # confirming their account. For instance, if set to 2.days, the users will be
   # able to access the website for two days without confirming their account,
   # access will be blocked just in the third day.
-  # You can also set it to nil, which will allow the user to access the website
+  # You can also set it to nil, which will allow the users to access the website
   # without confirming their account.
-  # Default is 0.days, meaning the user cannot access the website without
+  # Default is 0.days, meaning the users cannot access the website without
   # confirming their account.
   # config.allow_unconfirmed_access_for = 2.days
 
-  # A period that the user is allowed to confirm their account before their
-  # token becomes invalid. For example, if set to 3.days, the user can confirm
+  # A period that the users is allowed to confirm their account before their
+  # token becomes invalid. For example, if set to 3.days, the users can confirm
   # their account within 3 days after the mail was sent, but on the fourth day
   # their account can't be confirmed with the token any more.
-  # Default is nil, meaning there is no restriction on how long a user can take
+  # Default is nil, meaning there is no restriction on how long a users can take
   # before confirming their account.
   # config.confirm_within = 3.days
 
@@ -163,13 +163,13 @@
   # config.confirmation_keys = [:email]
 
   # ==> Configuration for :rememberable
-  # The time the user will be remembered without asking for credentials again.
+  # The time the users will be remembered without asking for credentials again.
   # config.remember_for = 2.weeks
 
-  # Invalidates all the remember me tokens when the user signs out.
+  # Invalidates all the remember me tokens when the users signs out.
   config.expire_all_remember_me_on_sign_out = true
 
-  # If true, extends the user's remember period when remembered via cookie.
+  # If true, extends the users's remember period when remembered via cookie.
   # config.extend_remember_period = false
 
   # Options to be passed to the created cookie. For instance, you can set
@@ -182,12 +182,12 @@
 
   # Email regex used to validate email formats. It simply asserts that
   # one (and only one) @ exists in the given string. This is mainly
-  # to give user feedback and not to assert the e-mail validity.
+  # to give users feedback and not to assert the e-mail validity.
   config.email_regexp = /\A[^@\s]+@[^@\s]+\z/
 
   # ==> Configuration for :timeoutable
-  # The time you want to timeout the user session without activity. After this
-  # time the user will be asked for credentials again. Default is 30 minutes.
+  # The time you want to timeout the users session without activity. After this
+  # time the users will be asked for credentials again. Default is 30 minutes.
   # config.timeout_in = 30.minutes
 
   # ==> Configuration for :lockable
@@ -200,7 +200,7 @@
   # config.unlock_keys = [:email]
 
   # Defines which strategy will be used to unlock an account.
-  # :email = Sends an unlock link to the user email
+  # :email = Sends an unlock link to the users email
   # :time  = Re-enables login after a certain amount of time (see :unlock_in below)
   # :both  = Enables both strategies
   # :none  = No unlock strategy. You should handle unlocking by yourself.
@@ -226,8 +226,8 @@
   # change their passwords.
   config.reset_password_within = 6.hours
 
-  # When set to false, does not sign a user in automatically after their password is
-  # reset. Defaults to true, so a user is signed in automatically after a reset.
+  # When set to false, does not sign a users in automatically after their password is
+  # reset. Defaults to true, so a users is signed in automatically after a reset.
   # config.sign_in_after_reset_password = true
 
   # ==> Configuration for :encryptable
@@ -247,16 +247,16 @@
   # config.scoped_views = false
 
   # Configure the default scope given to Warden. By default it's the first
-  # devise role declared in your routes (usually :user).
-  # config.default_scope = :user
+  # devise role declared in your routes (usually :users).
+  # config.default_scope = :users
 
   # Set this configuration to false if you want /users/sign_out to sign out
   # only the current scope. By default, Devise signs out all scopes.
   # config.sign_out_all_scopes = true
 
   # ==> Navigation configuration
   # Lists the formats that should be treated as navigational. Formats like
-  # :html should redirect to the sign in page when the user does not have
+  # :html should redirect to the sign in page when the users does not have
   # access, but formats like :xml or :json, should return 401.
   #
   # If you have any extra navigational formats, like :iphone or :mobile, you
@@ -271,15 +271,15 @@
   # ==> OmniAuth
   # Add a new OmniAuth provider. Check the wiki for more information on setting
   # up on your models and hooks.
-  # config.omniauth :github, 'APP_ID', 'APP_SECRET', scope: 'user,public_repo'
+  # config.omniauth :github, 'APP_ID', 'APP_SECRET', scope: 'users,public_repo'
 
   # ==> Warden configuration
   # If you want to use other strategies, that are not supported by Devise, or
   # change the failure app, you can configure them inside the config.warden block.
   #
   # config.warden do |manager|
   #   manager.intercept_401 = false
-  #   manager.default_strategies(scope: :user).unshift :some_external_strategy
+  #   manager.default_strategies(scope: :users).unshift :some_external_strategy
   # end
 
   # ==> Mountable engine configurations
@@ -307,7 +307,7 @@
 
   # ==> Configuration for :registerable
 
-  # When set to false, does not sign a user in automatically after their password is
-  # changed. Defaults to true, so a user is signed in automatically after changing a password.
+  # When set to false, does not sign a users in automatically after their password is
+  # changed. Defaults to true, so a users is signed in automatically after changing a password.
   # config.sign_in_after_change_password = true
 end

db/migrate/20230624071753_devise_create_users.rb

@@ -32,6 +32,7 @@ def change
       # t.string   :unlock_token # Only if unlock strategy is :email or :both
       # t.datetime :locked_at
 
+      t.integer  :role, default: 0, null: false
 
       t.timestamps null: false
     end