Lots of little cleanup things

.github/workflows/specs.yml

@@ -24,7 +24,6 @@ jobs:
       TZ: America/Los_Angeles
       RAILS_ENV: test
       RUBY_ENV: test
-      attr_encrypted_key: '12345678912345678912345678912345'
       DISPLAY: ':99' # For chromedriver
       CCTR: ./cc-test-reporter
       CC_TEST_REPORTER_ID: ${{ secrets.CC_TEST_REPORTER_ID }}

Gemfile

@@ -31,9 +31,6 @@ gem "tzinfo-data"
 # for managing API keys
 gem "figaro"
 
-# Generate attr_accessors that transparently encrypt and decrypt attributes.
-gem "attr_encrypted", "~> 3.1.0"
-
 # Error Tracking
 gem "sentry-ruby"
 gem "sentry-rails"

Gemfile.lock

@@ -70,8 +70,6 @@ GEM
     ansi (1.5.0)
     arrayfields (4.9.2)
     ast (2.4.2)
-    attr_encrypted (3.1.0)
-      encryptor (~> 3.0.0)
     aws-eventstream (1.2.0)
     aws-partitions (1.573.0)
     aws-sdk-core (3.130.0)
@@ -184,7 +182,6 @@ GEM
     diff-lcs (1.5.0)
     docile (1.4.0)
     dumb_delegator (1.0.0)
-    encryptor (3.0.0)
     erubi (1.10.0)
     erubis (2.7.0)
     factory_bot (6.2.0)
@@ -354,7 +351,7 @@ GEM
     octokit (4.21.0)
       faraday (>= 0.9)
       sawyer (~> 0.8.0, >= 0.5.3)
-    omniauth (1.9.1)
+    omniauth (1.9.2)
       hashie (>= 3.4.6)
       rack (>= 1.6.2, < 3)
     omniauth-clever (1.2.2)
@@ -405,7 +402,7 @@ GEM
     puma (5.6.4)
       nio4r (~> 2.0)
     racc (1.6.0)
-    rack (2.2.3.1)
+    rack (2.2.4)
     rack-mini-profiler (2.3.3)
       rack (>= 1.2.0)
     rack-proxy (0.7.2)
@@ -609,7 +606,6 @@ PLATFORMS
 DEPENDENCIES
   activerecord-import
   annotate
-  attr_encrypted (~> 3.1.0)
   aws-sdk-s3
   axe-core-cucumber
   axe-core-rspec

app/controllers/application_controller.rb

@@ -49,6 +49,6 @@ def check_teacher_admin
   end
 
   def set_sentry_user
-    Sentry.set_user(id: session[:user_id]) # or anything else in session
+    Sentry.set_user(id: session[:user_id])
   end
 end

app/controllers/main_controller.rb

@@ -2,9 +2,12 @@
 
 class MainController < ApplicationController
   before_action :require_admin, only: [:dashboard]
+
   def index
     if is_admin?
       redirect_to dashboard_path
+    elsif is_teacher? && current_user.validated?
+      redirect_to pages_path, notice: "Welcome back, #{@current_user.first_name}!"
     elsif is_teacher?
       redirect_to edit_teacher_path(current_user.id), notice: "You can edit your information"
     else

app/controllers/pages_controller.rb

@@ -19,7 +19,7 @@ def create
 
     if @page.save
       flash[:success] = "Created #{@page.title} page successfully."
-      redirect_to action: "show", slug: @page.slug
+      redirect_to action: "show", url_slug: @page.url_slug
     else
       flash.now[:alert] = "An error occurred! #{@page.errors.full_messages}"
       render "edit"
@@ -57,16 +57,16 @@ def destroy
 
   private
   def load_page
-    @pages ||= Page.where(permissions: Page.viewable_pages(current_user))
+    @pages ||= Page.where(viewer_permissions: Page.viewable_pages(current_user))
     if params[:id]
       @page ||= Page.find_by(id: params[:id])
-    elsif params[:slug]
-      @page ||= Page.find_by(slug: params[:slug])
+    elsif params[:url_slug]
+      @page ||= Page.find_by(url_slug: params[:url_slug])
     end
   end
 
   def page_params
-    params.require(:page).permit(:slug, :html, :title, :permissions)
+    params.require(:page).permit(:url_slug, :html, :title, :viewer_permissions)
   end
 
   # def liquid_assigns

app/controllers/schools_controller.rb

@@ -3,35 +3,75 @@
 class SchoolsController < ApplicationController
   before_action :sanitize_params, only: [:new, :create, :edit, :update]
   before_action :require_admin
+
+  def index
+    @schools = School.all.order(:name)
+  end
+
+  def show
+    @school = School.find(params[:id])
+  end
+
   def search
     School.all.collect { |school| ["#{school.name}, #{school.city}, #{school.state}", school.name] }
   end
+
   def create
     @school = School.find_by(name: school_params[:name], city: school_params[:city], state: school_params[:state])
-    if !@school # School doesn't exist
+    if @school
+      @school.assign_attributes(school_params)
+    else
       @school = School.new(school_params)
-      if @school.save
-        flash[:success] = "Created #{@school.name} successfully."
-        redirect_to schools_path
-      else
-        redirect_to root_path, alert: "Failed to submit information :("
-      end
+    end
+    load_ordered_schools
+    if @school.save
+      flash[:success] = "Created #{@school.name} successfully."
+      redirect_to schools_path
+    else
+      flash[:alert] = "Failed to submit information :("
+      render "new"
     end
   end
 
   def new
     @school = School.new
+    load_ordered_schools
   end
 
-  def index
-    @schools = School.all
+  def edit
+    @school = School.find(params[:id])
+  end
+
+  def update
+    @school = School.find(params[:id])
+    @school.assign_attributes(school_params)
+    if @school.save
+      flash[:success] = "Update #{@school.name} successfully."
+      redirect_back_or_to schools_path
+    else
+      render "new", alert: "Failed to submit information :("
+    end
+  end
+
+  def destroy
+    @school = School.find(params[:id])
+    if @school.teachers_count > 0
+      redirect_to schools_path(@school), alert: "Cannot delete a school which still has teachers"
+      return
+    end
+    @school.destroy
+    redirect_to schools_path, notice: "Deleted \"#{@school.name}\" successfully."
   end
 
   private
   def school_params
     params.require(:school).permit(:name, :city, :state, :website, :grade_level, :school_type, { tags: [] }, :nces_id)
   end
 
+  def load_ordered_schools
+    @ordered_schools ||= School.all.order(:name)
+  end
+
   def sanitize_params
     if params[:school]
       if params[:school][:grade_level]

app/controllers/sessions_controller.rb

@@ -11,17 +11,9 @@ def destroy
   end
 
   def omniauth_callback
-    # Get access tokens from the server
-    access_token = request.env["omniauth.auth"]
-    if Teacher.validate_access_token(access_token)
-      # Tell them to register.
-      user = Teacher.user_from_omniauth(access_token)
-      # Access_token is used to authenticate request made from the Rails application to the server
-      token = access_token.credentials.token
-      # Refresh_token to request new access_token
-      # Note: Refresh_token is only sent once during the first request
-      refresh_token = access_token.credentials.refresh_token
-      setTokens(token, refresh_token, user)
+    auth_info = request.env["omniauth.auth"]
+    if Teacher.validate_access_token(auth_info)
+      user = Teacher.user_from_omniauth(auth_info)
       user.last_session_at = Time.zone.now
       user.save!
       log_in(user)
@@ -34,22 +26,4 @@ def omniauth_callback
   def omniauth_failure
     redirect_to root_url, alert: "Login failed"
   end
-
-  private
-  def setTokens(token, refresh_token, user)
-    case params[:provider]
-    when "google_oauth2"
-      user.google_token = token
-      user.google_refresh_token = refresh_token || user.google_refresh_token
-    when "microsoft_graph"
-      user.microsoft_token = token
-      user.microsoft_refresh_token = refresh_token || user.microsoft_refresh_token
-    when "discourse"
-      user.snap_token = token
-      user.snap_refresh_token = refresh_token || user.snap_refresh_token
-    when "clever"
-      user.clever_token = token
-      user.clever_refresh_token = refresh_token || user.clever_refresh_token
-    end
-  end
 end