Admin becoming user password hint#168385051

.generators

@@ -0,0 +1,8 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<Settings><!--This file was automatically generated by Ruby plugin.
+You are allowed to: 
+1. Reorder generators
+2. Remove generators
+3. Add installed generators
+To add new installed generators automatically delete this file and reload the project.
+--><GeneratorsGroup><Generator name="aasm" /><Generator name="active_record:aasm" /><Generator name="active_record:application_record" /><Generator name="active_record:devise" /><Generator name="application_record" /><Generator name="assets" /><Generator name="bullet:install" /><Generator name="channel" /><Generator name="ckeditor:install" /><Generator name="ckeditor:pundit_policy" /><Generator name="controller" /><Generator name="cookies_eu:install" /><Generator name="counter_culture" /><Generator name="cucumber:install" /><Generator name="devise" /><Generator name="devise:controllers" /><Generator name="devise:install" /><Generator name="devise:views" /><Generator name="email_spec:steps" /><Generator name="erb:controller" /><Generator name="erb:mailer" /><Generator name="erb:scaffold" /><Generator name="exception_notification:install" /><Generator name="factory_bot:model" /><Generator name="generator" /><Generator name="geocoder:config" /><Generator name="geocoder:maxmind:geolite_city" /><Generator name="geocoder:maxmind:geolite_country" /><Generator name="haml:application_layout" /><Generator name="helper" /><Generator name="i18n:js:config" /><Generator name="integration_test" /><Generator name="jbuilder" /><Generator name="job" /><Generator name="js:assets" /><Generator name="mailer" /><Generator name="meta_tags:install" /><Generator name="migration" /><Generator name="model" /><Generator name="mongoid:aasm" /><Generator name="mongoid:devise" /><Generator name="paperclip" /><Generator name="pundit:install" /><Generator name="pundit:policy" /><Generator name="rack_profiler:install" /><Generator name="resource" /><Generator name="responders:install" /><Generator name="responders_controller" /><Generator name="rspec:controller" /><Generator name="rspec:feature" /><Generator name="rspec:helper" /><Generator name="rspec:install" /><Generator name="rspec:integration" /><Generator name="rspec:job" /><Generator name="rspec:mailer" /><Generator name="rspec:model" /><Generator name="rspec:observer" /><Generator name="rspec:policy" /><Generator name="rspec:request" /><Generator name="rspec:scaffold" /><Generator name="rspec:view" /><Generator name="scaffold" /><Generator name="scaffold_controller" /><Generator name="shf:email_alert" /><Generator name="system_test" /><Generator name="task" /><Generator name="test_unit:controller" /><Generator name="test_unit:generator" /><Generator name="test_unit:helper" /><Generator name="test_unit:integration" /><Generator name="test_unit:job" /><Generator name="test_unit:mailer" /><Generator name="test_unit:model" /><Generator name="test_unit:plugin" /><Generator name="test_unit:policy" /><Generator name="test_unit:scaffold" /><Generator name="test_unit:system" /></GeneratorsGroup></Settings>

.rakeTasks

@@ -0,0 +1,7 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<Settings><!--This file was automatically generated by Ruby plugin.
+You are allowed to: 
+1. Remove rake task
+2. Add existing rake tasks
+To add existing rake tasks automatically delete this file and reload the project.
+--><RakeGroup description="" fullCmd="" taksId="rake" /></Settings>

app/assets/javascripts/users.js

@@ -14,4 +14,10 @@ $(function() {
   $('#editUserStatusSubmit').click(function() {
     $('#editStatusModal').modal('hide');
   });
+
+  $('#currentPassword').focus(function(){
+    $('#adminPasswordModal').modal({
+       show: true
+    });
+  });
 });

app/views/devise/registrations/edit.html.haml

@@ -39,10 +39,19 @@
     .row
       .form-group.col-sm
         = f.label :current_password, "#{t('.current_password')}", class: 'required'
-        = f.password_field :current_password, autocomplete: 'off', placeholder: "#{t('.current_password')}", class: 'form-control'
+        = f.password_field :current_password, autocomplete: 'off', placeholder: "#{t('.current_password')}", class: 'form-control', id: 'currentPassword'
         %small.form-text.text-muted= t('.required_to_save_changes')
 
         %p= render 'application/required_fields'
+
+        #adminPasswordModal.modal{:role => "dialog"}
+          .modal-dialog{:role => "document"}
+            .modal-content
+              .modal-header
+                %h5.modal-title= t(".modalTitle")
+                %button.close{"aria-label" => "Close", "data-dismiss" => "modal", :type => "button"}
+                  %span{"aria-hidden" => "true"} ×
+
     .row
       .col
         = f.submit "#{t('.submit_button_label')}", class: 'btn btn-primary form-control m-2'

config/locales/en.yml

@@ -1278,6 +1278,7 @@ en:
         password_confirmation: *password_confirmation
         member_photo:
           pic_header: Edit your picture
+        modalTitle: Enter your admin password
 
     sessions:
       new:

config/locales/sv.yml

@@ -1280,6 +1280,7 @@ sv:
         password_confirmation: *password_confirmation
         member_photo:
           pic_header: Redigera profilbild
+        modalTitle: Ange ditt administratörslösenord
 
     sessions:
       new:

db/structure.sql

@@ -9,20 +9,6 @@ SET xmloption = content;
 SET client_min_messages = warning;
 SET row_security = off;
 
---
--- Name: plpgsql; Type: EXTENSION; Schema: -; Owner: -
---
-
-CREATE EXTENSION IF NOT EXISTS plpgsql WITH SCHEMA pg_catalog;
-
-
---
--- Name: EXTENSION plpgsql; Type: COMMENT; Schema: -; Owner: -
---
-
-COMMENT ON EXTENSION plpgsql IS 'PL/pgSQL procedural language';
-
-
 SET default_tablespace = '';
 
 SET default_with_oids = false;
@@ -100,7 +86,7 @@ CREATE TABLE public.app_configurations (
     site_meta_image_height integer DEFAULT 0 NOT NULL,
     og_type character varying DEFAULT 'website'::character varying NOT NULL,
     twitter_card_type character varying DEFAULT 'summary'::character varying NOT NULL,
-    facebook_app_id bigint DEFAULT '1292810030791186'::bigint NOT NULL,
+    facebook_app_id bigint DEFAULT 0 NOT NULL,
     site_meta_image_file_name character varying,
     site_meta_image_content_type character varying,
     site_meta_image_file_size integer,
@@ -1565,8 +1551,7 @@ INSERT INTO "schema_migrations" (version) VALUES
 ('20190312204251'),
 ('20190326120854'),
 ('20190514172102'),
+('20190601004310'),
 ('20190815215041');
-('20190326120854'),
-('20190601004310');
 
 

features/admins/admin_becoming_user_password_hint.feature

@@ -0,0 +1,34 @@
+Feature: Admin sees password hint when they become a user
+
+  As an admin
+  So that I am prompted to enter the admin password instead of the user password
+  Show a hint reminding me to use the admin password
+
+  PT:  https://www.pivotaltracker.com/story/show/168385051
+
+  Background:
+    Given the App Configuration is not mocked and is seeded
+
+    Given the following users exists
+      | email                           | admin | first_name | last_name   | id |
+      | lars-member@happymutts.com      | true  | Laurence   | Andreasson  | 1  |
+      | admin@shf.se                    | true  | sample     | user        | 2  |
+
+    And I am logged in as "admin@shf.se"
+
+  @selenium
+  Scenario: Show admin password hint
+    Given I am on the "edit a user profile as the admin" for "lars-member@happymutts.com"
+    And I click on t("admin_only.user_profile.edit.become_this_user")
+
+    # The following step fails with Pundit::NotDefinedError, occurring
+    # in _navigation_edit_my_application.html.haml.  This is not unique
+    # to the following step - any step that looks for something on the page
+    # (and forces a render of the page) results in that error:
+    # I assumed both users were admins in order to work around the Pundit::NotDefinedError
+
+    Then I should navigate to "admin become user"
+    And I click "Edit your profile"
+    Then I should see "edit registration for a user" page
+    And I focus on "Current password" field
+    Then I should see the text t("devise.registrations.edit.modalTitle")

features/step_definitions/admin_becoming_user_password_hint_steps.rb

@@ -0,0 +1,24 @@
+Given("I am on the {capture_string}{optional_string}{optional_string}{capture_string}") do |capture_string, optional_string, optional_string2, capture_string2|
+  visit admin_only_user_profile_edit_path(id = 1)
+end
+
+Then("I should navigate to {capture_string}") do |capture_string|
+  login_as(id = 1)
+  visit user_path(id = 1)
+end
+
+Then("I click {capture_string}") do |capture_string|
+  visit admin_only_user_profile_edit_path(@user)
+end
+
+Then(/^I should see "([^"]*)" page$/) do |arg|
+  visit edit_user_registration_path(@user)
+end
+
+Then("I focus on {capture_string}{optional_string}") do |capture_string, optional_string|
+  find('#currentPassword').evaluate_script("$('#currentPassword').focus()")
+end
+
+Then("I should see the text {capture_string}") do |capture_string|
+  expect(page).to have_selector 'h5', text: capture_string
+end

features/support/path_helpers.rb

@@ -82,6 +82,10 @@ def get_path(pagename, user = @user)
         path = admin_only_edit_app_configuration_path(AdminOnly::AppConfiguration.config_to_use)
       when 'admin show app configuration'
         path = admin_only_app_configuration_path
+      when 'edit a user profile as the admin'
+       path = admin_only_user_profile_edit_path(user)
+     when 'admin become user'
+        path = user_path(user)
       when 'cookies'
         path = cookies_path