From 5c79d3752420c391b3e60ca237c0c490e6793131 Mon Sep 17 00:00:00 2001
From: Ahmad Farhat <ahmad.af.farhat@gmail.com>
Date: Wed, 7 Oct 2020 11:23:19 -0400
Subject: [PATCH] GRN2-xx: Added a tab that displays invited users when using
 Join by Invitation (#2162)

* Added a tab that displays invited users when using Join by Invitation

* Made search work
---
 app/controllers/admins_controller.rb          |  11 +-
 app/controllers/concerns/populator.rb         |  11 ++
 app/models/invitation.rb                      |   9 ++
 .../components/_invited_users_table.html.erb  |  49 +++++++
 .../components/_manage_users_table.html.erb   | 122 ++++++++++++++++
 .../components/_manage_users_tags.html.erb    |   9 +-
 app/views/admins/components/_users.html.erb   | 133 ++----------------
 config/locales/en.yml                         |   2 +
 8 files changed, 216 insertions(+), 130 deletions(-)
 create mode 100644 app/views/admins/components/_invited_users_table.html.erb
 create mode 100644 app/views/admins/components/_manage_users_table.html.erb

diff --git a/app/controllers/admins_controller.rb b/app/controllers/admins_controller.rb
index 24f6d91d..dbe8ef00 100644
--- a/app/controllers/admins_controller.rb
+++ b/app/controllers/admins_controller.rb
@@ -40,9 +40,14 @@ class AdminsController < ApplicationController
     @tab = params[:tab] || "active"
     @role = params[:role] ? Role.find_by(name: params[:role], provider: @user_domain) : nil
 
-    @user_list = merge_user_list
+    if @tab == "invited"
+      users = invited_users_list
+    else
+      users = manage_users_list
+      @user_list = merge_user_list
+    end
 
-    @pagy, @users = pagy(manage_users_list)
+    @pagy, @users = pagy(users)
   end
 
   # GET /admins/site_settings
@@ -133,7 +138,7 @@ class AdminsController < ApplicationController
       send_invitation_email(current_user.name, email, invitation.invite_token)
     end
 
-    redirect_to admins_path
+    redirect_back fallback_location: admins_path
   end
 
   # GET /admins/reset
diff --git a/app/controllers/concerns/populator.rb b/app/controllers/concerns/populator.rb
index 0b0cd743..59e2b9d7 100644
--- a/app/controllers/concerns/populator.rb
+++ b/app/controllers/concerns/populator.rb
@@ -85,4 +85,15 @@ module Populator
     return initial_list unless Rails.configuration.loadbalanced_configuration
     initial_list.where(provider: @user_domain)
   end
+
+  # Returns a list off all current invitations
+  def invited_users_list
+    list = if Rails.configuration.loadbalanced_configuration
+      Invitation.where(provider: @user_domain)
+    else
+      Invitation.all
+    end
+
+    list.admins_search(@search).order(updated_at: :desc)
+  end
 end
diff --git a/app/models/invitation.rb b/app/models/invitation.rb
index b1e36afb..20b05ad1 100644
--- a/app/models/invitation.rb
+++ b/app/models/invitation.rb
@@ -20,4 +20,13 @@ class Invitation < ApplicationRecord
   has_secure_token :invite_token
 
   scope :valid, -> { where(updated_at: (Time.now - 48.hours)..Time.now) }
+
+  def self.admins_search(string)
+    return all if string.blank?
+
+    search_query = "email LIKE :search"
+
+    search_param = "%#{sanitize_sql_like(string)}%"
+    where(search_query, search: search_param)
+  end
 end
diff --git a/app/views/admins/components/_invited_users_table.html.erb b/app/views/admins/components/_invited_users_table.html.erb
new file mode 100644
index 00000000..dc0b2671
--- /dev/null
+++ b/app/views/admins/components/_invited_users_table.html.erb
@@ -0,0 +1,49 @@
+<div class="form-group">
+  <div class="row">
+    <div class="col-12">
+      <div class="table-responsive">
+        <table class="table table-hover table-outline table-vcenter card-table">
+          <thead>
+            <tr>
+              <th>
+                <%= t("email") %>
+              </th>
+              <th>
+                <%= t("administrator.users.table.time") %>
+              </th>
+              <th>
+                <%= t("administrator.users.table.valid") %>
+              </th>
+            </tr>
+          </thead>
+          <tbody>
+            <% if @users %>
+              <% @users.each do |user| %>
+                <tr>
+                    <td>
+                      <div><%= user.email %></div>
+                    </td>
+                    <td>
+                      <div><%= friendly_time(user.updated_at) %></div>
+                    </td>
+                    <td>
+                      <div>
+                        <% if ((Time.now - 48.hours)..Time.now).cover?(user.updated_at) %>
+                          <i class="fas fa-check ml-3 text-success"></i>
+                        <% else %>
+                          <i class="fas fa-times ml-3 text-danger"></i>
+                        <% end %>
+                      </div>
+                    </td>
+                </tr>
+              <% end %>
+            <% end %>
+          </tbody>
+        </table>
+        <div class="float-md-right mt-4">
+          <%== pagy_bootstrap_nav(@pagy) %>
+        </div>
+      </div>
+    </div>
+  </div>
+</div>
\ No newline at end of file
diff --git a/app/views/admins/components/_manage_users_table.html.erb b/app/views/admins/components/_manage_users_table.html.erb
new file mode 100644
index 00000000..f4d00db3
--- /dev/null
+++ b/app/views/admins/components/_manage_users_table.html.erb
@@ -0,0 +1,122 @@
+<div class="form-group">
+  <div class="row">
+    <div class="col-12">
+      <div class="table-responsive">
+        <table class="table table-hover table-outline table-vcenter card-table">
+          <thead>
+            <tr>
+              <th data-header="name" data-order="<%= @order_column == "name" ? @order_direction : "none" %>">
+                <%= t("administrator.users.table.name") %>
+                <% if @order_column == "name" && @order_direction == "desc" %>
+                 ↓
+                <% elsif @order_column == "name" && @order_direction == "asc" %>
+                 ↑
+                <% end %>
+              </th>
+              <th data-header="email" data-order="<%= @order_column == "email" ? @order_direction : "none" %>">
+                <%= t("administrator.users.table.username") %>
+                <% if @order_column == "email" && @order_direction == "desc" %>
+                 ↓
+                <% elsif @order_column == "email" && @order_direction == "asc" %>
+                 ↑
+                <% end %>
+              </th>
+              <th class="text-left" data-header="provider" data-order="<%= @order_column == "provider" ? @order_direction : "none" %>">
+                <%= t("administrator.users.table.authenticator") %>
+                <% if @order_column == "provider" && @order_direction == "desc" %>
+                 ↓
+                <% elsif @order_column == "provider" && @order_direction == "asc" %>
+                 ↑
+                <% end %>
+              </th>
+              <th class="text-center">
+                <%= t("administrator.users.table.role") %>
+              </th>
+              <th class="text-center">
+              </th>
+            </tr>
+          </thead>
+          <tbody id="users-table">
+            <tr id="no_users_found" style="display: none;">
+              <td colspan="7" class="text-center h4 p-6 font-weight-normal" >
+                <%= t("administrator.users.table.not_found") %>
+              </td>
+            </tr>
+            <% if @users %>
+              <% @users.each do |user| %>
+                <% if user != current_user %>
+                  <tr data-user-uid="<%= user.uid %>">
+                    <td>
+                      <div><%= user.name %></div>
+                      <div class="small text-muted"><%= [t("administrator.users.table.created"), ": ", user.created_at].join %></div>
+                    </td>
+                    <td class="user-email"><%= user.email && user.email != "" ? user.email : user.username%></td>
+                    <td><%= user.provider %></td>
+                    <td class="text-center">
+                      <%= render "admins/components/admins_role", role: user.role %>
+                    </td>
+                    <td>
+                      <% if !user.has_role?("super_admin") %>
+                        <div class="item-action dropdown">
+                          <a href="javascript:void(0)" data-toggle="dropdown" class="icon">
+                            <i class="fas fa-ellipsis-v px-4"></i>
+                          </a>
+                          <div class="dropdown-menu dropdown-menu">
+                            <% if user.deleted? %>
+                              <%= button_to admin_undelete_path(user_uid: user.uid), class: "dropdown-item", "data-disable": "" do %>
+                                <i class="dropdown-icon fas fa-recycle"></i> <%= t("administrator.users.settings.undelete") %>
+                              <% end %>
+                              <button class="delete-user dropdown-item" data-path="<%= delete_user_path(user_uid: user.uid, permanent: "true") %>" data-toggle="modal" data-target="#deleteAccountModal">
+                                <i class="dropdown-icon fas fa-skull-crossbones"></i> <%= t("administrator.users.settings.perm_delete") %>
+                              </button>
+                            <% elsif user.has_role?("denied") %>
+                              <%= button_to admin_unban_path(user_uid: user.uid), class: "dropdown-item", "data-disable": "" do %>
+                                <i class="dropdown-icon fas fa-lock-open"></i> <%= t("administrator.users.settings.unban") %>
+                              <% end %>
+                              <button class= "delete-user dropdown-item" data-path="<%= delete_user_path(user_uid: user.uid) %>" data-delete="temp-delete" data-toggle="modal" data-target="#deleteAccountModal">
+                                <i class="dropdown-icon fas fa-user-minus"></i> <%= t("administrator.users.settings.delete") %>
+                              </button>
+                            <% elsif user.has_role?("pending") %>
+                              <%= button_to admin_approve_path(user_uid: user.uid), class: "dropdown-item", "data-disable": "" do %>
+                                <i class="dropdown-icon far fa-check-circle"></i> <%= t("administrator.users.settings.approve") %>
+                              <% end %>
+                              <%= button_to admin_ban_path(user_uid: user.uid), class: "dropdown-item", "data-disable": "" do %>
+                                <i class="dropdown-icon far fa-times-circle"></i> <%= t("administrator.users.settings.decline") %>
+                              <% end %>
+                            <% else %>
+                              <%= link_to admin_edit_user_path(user_uid: user.uid), class: "dropdown-item" do %>
+                                <i class="dropdown-icon fas fa-user-edit"></i> <%= t("administrator.users.settings.edit") %>
+                              <% end %>
+                              <button class= "merge-user dropdown-item" data-path="<%= merge_user_path(user_uid: user.uid) %>" data-info="<%= user.slice(:name, :email, :uid).to_json %>" data-toggle="modal" data-target="#mergeUserModal">
+                                <i class="dropdown-icon fas fa-user-friends"></i> <%= t("administrator.users.settings.merge") %>
+                              </button>
+                              <%= button_to admin_ban_path(user_uid: user.uid), class: "dropdown-item", "data-disable": "" do %>
+                                <i class="dropdown-icon fas fa-lock"></i> <%= t("administrator.users.settings.ban") %>
+                              <% end %>
+                              <button class= "delete-user dropdown-item" data-path="<%= delete_user_path(user_uid: user.uid) %>" data-delete="temp-delete" data-toggle="modal" data-target="#deleteAccountModal">
+                                <i class="dropdown-icon fas fa-user-minus"></i> <%= t("administrator.users.settings.delete") %>
+                              </button>
+                            <% end %>
+                          </div>
+                        </div>
+                      <% end %>
+                    </td>
+                  </tr>
+                <% end %>
+              <% end %>
+            <% else %>
+              <tr>
+                <td colspan="7" class="text-center h4 p-6 font-weight-normal" >
+                  <%= t("administrator.users.table.no_users") %>
+                </td>
+              </tr>
+            <% end %>
+          </tbody>
+        </table>
+        <div class="float-md-right mt-4">
+          <%== pagy_bootstrap_nav(@pagy) %>
+        </div>
+      </div>
+    </div>
+  </div>
+</div>
\ No newline at end of file
diff --git a/app/views/admins/components/_manage_users_tags.html.erb b/app/views/admins/components/_manage_users_tags.html.erb
index d3928db6..29fe491a 100644
--- a/app/views/admins/components/_manage_users_tags.html.erb
+++ b/app/views/admins/components/_manage_users_tags.html.erb
@@ -28,11 +28,16 @@
       <a class="nav-item p-3 nav-link <%= 'active' if @tab == 'deleted' %>" id="Deleted" href="?tab=deleted" role="tab" aria-selected="false"><i class="far mr-2 fa-trash-alt"></i>
         <%= t("roles.deleted") %>
       </a>
-    </div>
-    <% if admin_invite_registration %>
+      <% if admin_invite_registration %>
+        <a class="nav-item p-3 nav-link <%= 'active' if @tab == 'invited' %>" id="Invited" href="?tab=invited" role="tab" aria-selected="false"><i class="fas mr-2 fa-envelope"></i>
+          <%= t("roles.invited") %>
+        </a>
+      </div>
       <%= link_to "#inviteModal", class: "btn btn-primary pt-3", id: "invite-user", "data-toggle": "modal" do %>
         <%= t("administrator.users.invite") %><i class="fas fa-paper-plane ml-3"></i>
       <% end %>
+    <% else %>
+      </div>
     <% end %>
   </nav>
 </div>
diff --git a/app/views/admins/components/_users.html.erb b/app/views/admins/components/_users.html.erb
index c58adb3e..c34b405f 100644
--- a/app/views/admins/components/_users.html.erb
+++ b/app/views/admins/components/_users.html.erb
@@ -19,129 +19,12 @@
   <%= render "admins/components/admins_tags" %>
 <% end %>
 
-<div class="form-group">
-  <div class="row">
-    <div class="col-12">
-      <div class="table-responsive">
-        <table class="table table-hover table-outline table-vcenter card-table">
-          <thead>
-            <tr>
-              <th data-header="name" data-order="<%= @order_column == "name" ? @order_direction : "none" %>">
-                <%= t("administrator.users.table.name") %>
-                <% if @order_column == "name" && @order_direction == "desc" %>
-                 ↓
-                <% elsif @order_column == "name" && @order_direction == "asc" %>
-                 ↑
-                <% end %>
-              </th>
-              <th data-header="email" data-order="<%= @order_column == "email" ? @order_direction : "none" %>">
-                <%= t("administrator.users.table.username") %>
-                <% if @order_column == "email" && @order_direction == "desc" %>
-                 ↓
-                <% elsif @order_column == "email" && @order_direction == "asc" %>
-                 ↑
-                <% end %>
-              </th>
-              <th class="text-left" data-header="provider" data-order="<%= @order_column == "provider" ? @order_direction : "none" %>">
-                <%= t("administrator.users.table.authenticator") %>
-                <% if @order_column == "provider" && @order_direction == "desc" %>
-                 ↓
-                <% elsif @order_column == "provider" && @order_direction == "asc" %>
-                 ↑
-                <% end %>
-              </th>
-              <th class="text-center">
-                <%= t("administrator.users.table.role") %>
-              </th>
-              <th class="text-center">
-              </th>
-            </tr>
-          </thead>
-          <tbody id="users-table">
-            <tr id="no_users_found" style="display: none;">
-              <td colspan="7" class="text-center h4 p-6 font-weight-normal" >
-                <%= t("administrator.users.table.not_found") %>
-              </td>
-            </tr>
-            <% if @users %>
-              <% @users.each do |user| %>
-                <% if user != current_user %>
-                  <tr data-user-uid="<%= user.uid %>">
-                    <td>
-                      <div><%= user.name %></div>
-                      <div class="small text-muted"><%= [t("administrator.users.table.created"), ": ", user.created_at].join %></div>
-                    </td>
-                    <td class="user-email"><%= user.email && user.email != "" ? user.email : user.username%></td>
-                    <td><%= user.provider %></td>
-                    <td class="text-center">
-                      <%= render "admins/components/admins_role", role: user.role %>
-                    </td>
-                    <td>
-                      <% if !user.has_role?("super_admin") %>
-                        <div class="item-action dropdown">
-                          <a href="javascript:void(0)" data-toggle="dropdown" class="icon">
-                            <i class="fas fa-ellipsis-v px-4"></i>
-                          </a>
-                          <div class="dropdown-menu dropdown-menu">
-                            <% if user.deleted? %>
-                              <%= button_to admin_undelete_path(user_uid: user.uid), class: "dropdown-item", "data-disable": "" do %>
-                                <i class="dropdown-icon fas fa-recycle"></i> <%= t("administrator.users.settings.undelete") %>
-                              <% end %>
-                              <button class="delete-user dropdown-item" data-path="<%= delete_user_path(user_uid: user.uid, permanent: "true") %>" data-toggle="modal" data-target="#deleteAccountModal">
-                                <i class="dropdown-icon fas fa-skull-crossbones"></i> <%= t("administrator.users.settings.perm_delete") %>
-                              </button>
-                            <% elsif user.has_role?("denied") %>
-                              <%= button_to admin_unban_path(user_uid: user.uid), class: "dropdown-item", "data-disable": "" do %>
-                                <i class="dropdown-icon fas fa-lock-open"></i> <%= t("administrator.users.settings.unban") %>
-                              <% end %>
-                              <button class= "delete-user dropdown-item" data-path="<%= delete_user_path(user_uid: user.uid) %>" data-delete="temp-delete" data-toggle="modal" data-target="#deleteAccountModal">
-                                <i class="dropdown-icon fas fa-user-minus"></i> <%= t("administrator.users.settings.delete") %>
-                              </button>
-                            <% elsif user.has_role?("pending") %>
-                              <%= button_to admin_approve_path(user_uid: user.uid), class: "dropdown-item", "data-disable": "" do %>
-                                <i class="dropdown-icon far fa-check-circle"></i> <%= t("administrator.users.settings.approve") %>
-                              <% end %>
-                              <%= button_to admin_ban_path(user_uid: user.uid), class: "dropdown-item", "data-disable": "" do %>
-                                <i class="dropdown-icon far fa-times-circle"></i> <%= t("administrator.users.settings.decline") %>
-                              <% end %>
-                            <% else %>
-                              <%= link_to admin_edit_user_path(user_uid: user.uid), class: "dropdown-item" do %>
-                                <i class="dropdown-icon fas fa-user-edit"></i> <%= t("administrator.users.settings.edit") %>
-                              <% end %>
-                              <button class= "merge-user dropdown-item" data-path="<%= merge_user_path(user_uid: user.uid) %>" data-info="<%= user.slice(:name, :email, :uid).to_json %>" data-toggle="modal" data-target="#mergeUserModal">
-                                <i class="dropdown-icon fas fa-user-friends"></i> <%= t("administrator.users.settings.merge") %>
-                              </button>
-                              <%= button_to admin_ban_path(user_uid: user.uid), class: "dropdown-item", "data-disable": "" do %>
-                                <i class="dropdown-icon fas fa-lock"></i> <%= t("administrator.users.settings.ban") %>
-                              <% end %>
-                              <button class= "delete-user dropdown-item" data-path="<%= delete_user_path(user_uid: user.uid) %>" data-delete="temp-delete" data-toggle="modal" data-target="#deleteAccountModal">
-                                <i class="dropdown-icon fas fa-user-minus"></i> <%= t("administrator.users.settings.delete") %>
-                              </button>
-                            <% end %>
-                          </div>
-                        </div>
-                      <% end %>
-                    </td>
-                  </tr>
-                <% end %>
-              <% end %>
-            <% else %>
-              <tr>
-                <td colspan="7" class="text-center h4 p-6 font-weight-normal" >
-                  <%= t("administrator.users.table.no_users") %>
-                </td>
-              </tr>
-            <% end %>
-          </tbody>
-        </table>
-        <div class="float-md-right mt-4">
-          <%== pagy_bootstrap_nav(@pagy) %>
-        </div>
-      </div>
-    </div>
-  </div>
-</div>
+<% if @tab == "invited" %>
+  <%= render "admins/components/invited_users_table" %>
+<% else %>
+  <%= render "admins/components/manage_users_table" %>
+  <%= render "shared/modals/delete_account_modal", delete_location: relative_root %>
+  <%= render "shared/modals/merge_user_modal" %>
+<% end %>
 
-<%= render "shared/modals/invite_user_modal" %>
-<%= render "shared/modals/delete_account_modal", delete_location: relative_root %>
-<%= render "shared/modals/merge_user_modal" %>
+  <%= render "shared/modals/invite_user_modal" %>
diff --git a/config/locales/en.yml b/config/locales/en.yml
index dca31006..c14ce71a 100755
--- a/config/locales/en.yml
+++ b/config/locales/en.yml
@@ -202,12 +202,14 @@ en:
       table:
         authenticator: Authenticator
         created: Created
+        time: Time Sent
         name: Name
         not_found: No users match your search
         no_users: No users found
         role: Role
         uid: User ID
         username: Username
+        valid: Valid
       title: Manage Users
   add_to_google_calendar: "Add to Google Calendar"
   bigbluebutton: BigBlueButton