Removed is_admin from users

app/models/ability.rb

@@ -6,6 +6,9 @@ class Ability
     
     can :manage, :all if user.admin? 
     
+    can :manage, Post if user.moderator?
+    can :manage, Topic if user.moderator?
+    
     can :read, Category, :state => true
     can :read, Forum, :state => true, :category => { :state => true }
     can :read, Topic, :forum => { :state => true, :category => { :state => true } }
@@ -16,5 +19,9 @@ class Ability
     
     can :create, Post, :topic => { :locked => false } unless user.new_record?
     can :create, Topic unless user.new_record?
+
+    cannot :update, :all if user.banned?
+    cannot :destroy, :all if user.banned?
+    cannot :create, :all if user.banned?
   end
 end

app/models/role.rb

@@ -0,0 +1,5 @@
+class Role < ActiveRecord::Base
+  attr_accessible :name
+
+  has_many :users
+end

app/models/user.rb

@@ -1,5 +1,10 @@
 class User < ActiveRecord::Base
   include Gravtastic
+
+  before_create :set_default_role
+
+  belongs_to :role
+
   gravtastic :size => 165, :filetype => :png, :rating => 'R'
     
   # Include default devise modules. Others available are:
@@ -10,12 +15,29 @@ class User < ActiveRecord::Base
   validates :username, :presence => true, :uniqueness => true
 
   # Setup accessible (or protected) attributes for your model
-  attr_accessible :username, :email, :password, :password_confirmation, :remember_me, :is_admin
+  attr_accessible :username, :email, :password, :password_confirmation, :remember_me, :role_id
   
   has_many :topics, :dependent => :destroy
   has_many :posts, :dependent => :destroy
   
+  def registered?
+    self.role == Role.find_by_name('registered')
+  end
+
+  def banned?
+    self.role == Role.find_by_name('banned')
+  end
+
+  def moderator?
+    self.role == Role.find_by_name('moderator')
+  end
+  
   def admin?
-    self.is_admin
+    self.role == Role.find_by_name('admin')
+  end 
+  
+  private
+  def set_default_role
+    self.role ||= Role.find_by_name('registered')
   end
 end

app/views/layouts/application.html.erb

@@ -1,9 +1,10 @@
 <!DOCTYPE html>
-<html>
+<html lang="en">
   <head>
     <title><%= content_for?(:title) ? yield(:title) : (t :name) %></title>
-    <%= stylesheet_link_tag :application %>
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
     <%= csrf_meta_tag %>
+    <%= stylesheet_link_tag :application %>
     <%= javascript_include_tag :application %>
     <%= yield(:head) %>
   </head>

app/views/posts/show.html.erb

@@ -1,6 +1,13 @@
+<div class="right controls">
+  <ul class="breadcrumb">
+    <li>< <%= link_to @topic.forum.category.title, :root %> <span class="divider">/</span></li>
+    <li><%= link_to @topic.forum.title, forum_path(@topic.forum) %> <span class="divider">/</span></li>
+    <li class="active"><%= link_to @topic.title, topic_path(@topic) %></li>
+  </ul>
+</div>
 <div class="module">
   <div class="module_header">
-    <%= link_to @topic.title, topic_path(@topic) %>
+    <%= @topic.title %>
     <span class="right controls">
     </span>
   </div>
@@ -11,7 +18,17 @@
               <span class="name"><%= @post.user.username %></span>
               <span class="avatar"><%= image_tag @post.user.gravatar_url %></span>
               <span class="info smaller">
-                <p><span class="label label-important"><%= "Administrator" if @post.user.admin? %></span></p>
+                <p>
+                <% if @post.user.admin? %>
+                  <span class="label label-inverse">Administrator</span>
+                <% end %>
+                <% if @post.user.moderator? %>
+                  <span class="label label-warning">Moderator</span>
+                <% end %>
+                <% if @post.user.banned? %>
+                  <span class="label label-important">Banned</span>
+                <% end %>
+                </p>
                 Posts <%= @post.user.posts_count %><br />
                 Registered <%=l @post.user.created_at %><br />
               </span>

app/views/topics/show.html.erb

@@ -33,7 +33,17 @@
               <span class="name"><%= post.user.username %></span>
               <span class="avatar"><%= image_tag post.user.gravatar_url %></span>
               <span class="info smaller">
-                <p><span class="label label-important"><%= "Administrator" if post.user.admin? %></span></p>
+                <p>
+                <% if post.user.admin? %>
+                  <span class="label label-inverse">Administrator</span>
+                <% end %>
+                <% if post.user.moderator? %>
+                  <span class="label label-warning">Moderator</span>
+                <% end %>
+                <% if post.user.banned? %>
+                  <span class="label label-important">Banned</span>
+                <% end %>
+                </p>
                 Posts <%= post.user.posts_count %><br />
                 Registered <%=l post.user.created_at %><br />
               </span>
@@ -43,9 +53,11 @@
                 <a name="<%= post.id %>"> <%= link_to ("#"+ i.to_s ), post %> </a>
                 Posted <%=l post.created_at %></span>
               <span class="right controls">
-                <%= link_to "Reply", new_topic_post_path(@topic) if can? :create, @topic.posts.new %>
-                <%= link_to "Quote", new_topic_post_path(@topic, :quote => post) if can? :create, @topic.posts.new %>
-                <%= link_to "Edit", edit_post_path(post) if can? :update, post %>
+                <% if !@topic.locked %>
+                  <%= link_to "Reply", new_topic_post_path(@topic) if can? :create, @topic.posts.new%>
+                  <%= link_to "Quote", new_topic_post_path(@topic, :quote => post) if can? :create, @topic.posts.new %>
+                  <%= link_to "Edit", edit_post_path(post) if can? :update, post %>
+                <% end %>
                 <%= link_to "Delete", post, :confirm => "Are you sure?", :method => :delete if can? :destroy, post %>
               </span>
             </td>

app/views/users/_form.html.erb

@@ -14,9 +14,9 @@
   <%= f.label :username %>
   <%= f.text_field :username %>
 
-  <p> 
-   Administrator &nbsp;  <%= f.check_box :is_admin, {checked: @user.admin?} %>
-  </p>
+  <br/>
+
+  <%= collection_select(:user, :role_id, Role.all, :id, :name) %> 
 
   <%= f.label :email %>
   <%= f.email_field :email %>

db/migrate/20130128051640_create_roles.rb

@@ -0,0 +1,9 @@
+class CreateRoles < ActiveRecord::Migration
+  def change
+    create_table :roles do |t|
+      t.string :name
+
+      t.timestamps
+    end
+  end
+end

db/migrate/20130128051658_add_role_id_to_user.rb

@@ -0,0 +1,5 @@
+class AddRoleIdToUser < ActiveRecord::Migration
+  def change
+    add_column :users, :role_id, :integer
+  end
+end

db/migrate/20130128065331_remove_is_admin_from_users.rb

@@ -0,0 +1,8 @@
+class RemoveIsAdminFromUsers < ActiveRecord::Migration
+  def up
+    remove_column :users, :is_admin
+  end
+
+  def down
+  end
+end

db/schema.rb

@@ -11,7 +11,7 @@
 #
 # It's strongly recommended to check this file into your version control system.
 
-ActiveRecord::Schema.define(:version => 20130114162614) do
+ActiveRecord::Schema.define(:version => 20130128065331) do
 
   create_table "categories", :force => true do |t|
     t.string   "title"
@@ -42,6 +42,12 @@ ActiveRecord::Schema.define(:version => 20130114162614) do
     t.datetime "updated_at", :null => false
   end
 
+  create_table "roles", :force => true do |t|
+    t.string   "name"
+    t.datetime "created_at", :null => false
+    t.datetime "updated_at", :null => false
+  end
+
   create_table "topics", :force => true do |t|
     t.string   "title"
     t.integer  "hits",        :default => 0
@@ -70,7 +76,7 @@ ActiveRecord::Schema.define(:version => 20130114162614) do
     t.integer  "topics_count",           :default => 0
     t.integer  "posts_count",            :default => 0
     t.string   "username"
-    t.boolean  "is_admin"
+    t.integer  "role_id"
   end
 
   add_index "users", ["email"], :name => "index_users_on_email", :unique => true

db/seeds.rb

@@ -6,30 +6,26 @@
 #   cities = City.create([{ :name => 'Chicago' }, { :name => 'Copenhagen' }])
 #   Mayor.create(:name => 'Daley', :city => cities.first)
 
+['registered', 'banned', 'moderator', 'admin'].each do |role|
+  Role.find_or_create_by_name role
+end
+
 User.create!(
   [
-    { :username => "admin", :email => "admin@forum.com", :password => "forum_admin", :password_confirmation => "forum_admin", :is_admin => true },
-    { :username => "user", :email => "user@forum.com", :password => "forum_user", :password_confirmation => "forum_user" }
+    { :username => "admin", :email => "admin@forum.com", :password => "forum_admin", :password_confirmation => "forum_admin", :is_admin => true, :role => Role.find_by_name('admin') },
   ]
 )
 
 Category.create!(
   [
     { :title => "General Discussion", :position => 0 },
-    { :title => "Programming Discussions", :position => 1 }
   ]
 )
 
 Forum.create!(
   [
     { :title => "General Discussion", :description => "Discuss any topic in this forum.", :category_id => Category.find_by_title("General Discussion").id, :position => 0 },
-    { :title => "Ruby on Rails", :description => "Discuss Ruby on Rails.", :category_id => Category.find_by_title("Programming Discussions").id, :position => 0 },
-    { :title => "PHP", :description => "Discuss PHP.", :category_id => Category.find_by_title("Programming Discussions").id, :position => 1 },
-    { :title => "Javascript", :description => "Discuss Javascript.", :category_id => Category.find_by_title("Programming Discussions").id, :position => 2 },
-    { :title => "CSS", :description => "Discuss CSS.", :category_id => Category.find_by_title("Programming Discussions").id, :position => 3 }
   ]
 )
 
-# Had to do this to appease validations...
-@current_user = User.find_by_username("admin")
-@current_user.topics.create!( :title => "Welcome to the Forum Monster Demo.", :forum_id => Forum.find_by_title("General Discussion").id, :body => "Forum Monster is a simple forum generator written in rails 3. The goal of Forum Monster, is to provide a simple, and easy to setup forum application without having to dictate how your site it setup.\r\n\r\nLive Demo: [url]http://forum-monster.heroku.com[/url]\r\nGithub Repo for Demo: [url]http://github.com/gitt/forum_monster_demo[/url]\r\n\r\n[b]A few things about what Forum Monster is, and is not:[/b]\r\n\r\n[li]Forum Monster does not do any sort of authentication, or authorization. However, it does rely on the current_user method.[/li]\r\n[li]Forum Monster while trying to assume as little as possible, currently assumes that the following columns are available from your user model: username, and created_at.[/li]\r\n[li]Forum Monster does no authorization. By default all actions are available to all users. Even logged out users. ( Although, users who are not logged in cannot post, or create topics. )[/li]\r\n\r\n[b]Authentication[/b]\r\nForum Monster, as stated before, does not come with any authentication built in. The reason for this is so you can add a forum to your existing application without having to change the way your application works. Forum Monster knows about your user model from the moment you run the installation command.\r\n\r\n[b]Authorization[/b]\r\nForum Monster, by default, allows all access to all users. Even those that are not currently logged in. This was by design, because of the vast number of authorization methods out there. If I tried to cover all of them it would just get out of hand. Not to mention that as soon as an API changes, Forum Monster would be broken. This also provides a large amount of flexibility. For example, if you wanted to use CanCan, you can! declarative_authorization? Yep. Aegis? Indeed! Since you have Forum Monster's controllers in your main application, you can customize them for your specific solution just like the rest of your application!\r\n\r\n[b]Avatars[/b]\r\nI did not include support for avatars into Forum Monster for the same reason that authentication, and authorization were not included. Flexibility! You can use whatever you like, associate it with your user model, and put the corresponding image tag in the topic show view.\r\n\r\n[b]Markdown[/b]\r\nForum Monster has no forced support for markdown. Again, it's for flexibility.\r\n\r\n[b]Modifying the views, style, and adding your own images[/b]\r\nForum Monster will install the forum-monster.css stylesheet into your public/stylesheets directory. The views will be installed in your application app/views directory." )
+

test/fixtures/roles.yml

@@ -0,0 +1,7 @@
+# Read about fixtures at http://api.rubyonrails.org/classes/ActiveRecord/Fixtures.html
+
+one:
+  name: MyString
+
+two:
+  name: MyString

test/unit/role_test.rb

@@ -0,0 +1,7 @@
+require 'test_helper'
+
+class RoleTest < ActiveSupport::TestCase
+  # test "the truth" do
+  #   assert true
+  # end
+end