implement /setup and /admin

app/controllers/admin/base_controller.rb

@@ -0,0 +1,4 @@
+class Admin::BaseController < ApplicationController
+  before_action :require_admin
+  layout "admin"
+end

app/controllers/admin/dashboard_controller.rb

@@ -0,0 +1,32 @@
+class Admin::DashboardController < Admin::BaseController
+  def index
+    @user_count = User.count
+    @contributor_count = User.contributor.count
+    @reviewer_count = User.reviewer.count
+    @admin_count = User.admin.count
+
+    @entry_count = Entry.count
+    @verified_count = Entry.where(verified: true).count
+    @unverified_count = @entry_count - @verified_count
+
+    @pending_suggestions_count = SuggestedMeaning.pending.count
+    @accepted_suggestions_count = SuggestedMeaning.accepted.count
+    @rejected_suggestions_count = SuggestedMeaning.rejected.count
+
+    @comment_count = Comment.count
+
+    @recent_users = User.order(created_at: :desc).limit(5)
+    @recent_entries = Entry.order(created_at: :desc).limit(5)
+    @pending_invitations = User.where.not(invitation_token: nil)
+                                 .where(invitation_accepted_at: nil)
+                                 .where("invitation_sent_at > ?", 14.days.ago)
+                                 .count
+
+    @supported_languages = SupportedLanguage.where(active: true).order(:sort_order)
+    @language_completion = @supported_languages.index_with do |language|
+      next 0 if @entry_count.zero?
+
+      (Entry.where.not(language.code => [ nil, "" ]).count * 100.0 / @entry_count).round
+    end
+  end
+end

app/controllers/admin/invitations_controller.rb

@@ -0,0 +1,49 @@
+class Admin::InvitationsController < Admin::BaseController
+  def index
+    @pending_invitations = User.where.not(invitation_token: nil)
+                                .where(invitation_accepted_at: nil)
+                                .order(invitation_sent_at: :desc)
+    @accepted_invitations = User.where.not(invitation_accepted_at: nil)
+                                 .order(invitation_accepted_at: :desc)
+                                 .limit(20)
+  end
+
+  def new
+    @invitation = User.new
+  end
+
+  def create
+    @invitation = User.new(invitation_params)
+    @invitation.invitation_token = SecureRandom.urlsafe_base64(32)
+    @invitation.invitation_sent_at = Time.current
+    @invitation.invited_by = current_user
+    @invitation.password = SecureRandom.urlsafe_base64(16)
+
+    if @invitation.save
+      # TODO: Send invitation email
+      # InvitationMailer.invite(@invitation).deliver_later
+
+      redirect_to admin_invitations_path, notice: "Invitation sent to #{@invitation.email}"
+    else
+      render :new, status: :unprocessable_entity
+    end
+  end
+
+  def destroy
+    @invitation = User.find(params[:id])
+
+    if @invitation.invitation_accepted_at.present?
+      redirect_to admin_invitations_path, alert: "Cannot cancel an accepted invitation."
+      return
+    end
+
+    @invitation.destroy
+    redirect_to admin_invitations_path, notice: "Invitation cancelled."
+  end
+
+  private
+
+  def invitation_params
+    params.require(:user).permit(:email, :name, :role, :primary_language)
+  end
+end

app/controllers/admin/users_controller.rb

@@ -0,0 +1,45 @@
+class Admin::UsersController < Admin::BaseController
+  before_action :set_user, only: [ :edit, :update, :destroy ]
+
+  def index
+    @users = User.order(created_at: :desc)
+    @users = @users.where(role: params[:role]) if params[:role].present?
+    @users = @users.where("email LIKE ?", "%#{params[:q]}%") if params[:q].present?
+  end
+
+  def edit
+  end
+
+  def update
+    if @user.update(user_params)
+      redirect_to admin_users_path, notice: "User updated successfully."
+    else
+      render :edit, status: :unprocessable_entity
+    end
+  end
+
+  def destroy
+    if @user == current_user
+      redirect_to admin_users_path, alert: "You cannot delete your own account."
+      return
+    end
+
+    if @user == User.first
+      redirect_to admin_users_path, alert: "Cannot delete the first admin user (system default contact)."
+      return
+    end
+
+    @user.destroy
+    redirect_to admin_users_path, notice: "User deleted successfully."
+  end
+
+  private
+
+  def set_user
+    @user = User.find(params[:id])
+  end
+
+  def user_params
+    params.require(:user).permit(:name, :email, :role, :primary_language)
+  end
+end

app/controllers/application_controller.rb

@@ -1,7 +1,57 @@
 class ApplicationController < ActionController::Base
-  # Only allow modern browsers supporting webp images, web push, badges, import maps, CSS nesting, and CSS :has.
-  allow_browser versions: :modern
 
   # Changes to the importmap will invalidate the etag for HTML responses
   stale_when_importmap_changes
+
+  helper_method :current_user, :logged_in?, :admin?, :reviewer_or_admin?, :contributor_or_above?, :setup_completed?
+
+  private
+
+  def current_user
+    @current_user ||= User.find_by(id: session[:user_id]) if session[:user_id]
+  end
+
+  def logged_in?
+    current_user.present?
+  end
+
+  def admin?
+    logged_in? && current_user.admin?
+  end
+
+  def reviewer_or_admin?
+    logged_in? && (current_user.reviewer? || current_user.admin?)
+  end
+
+  def contributor_or_above?
+    logged_in?
+  end
+
+  def require_login
+    unless logged_in?
+      redirect_to login_path, alert: "You must be logged in to access this page."
+    end
+  end
+
+  def require_admin
+    unless admin?
+      redirect_to root_path, alert: "You must be an administrator to access this page."
+    end
+  end
+
+  def require_reviewer
+    unless reviewer_or_admin?
+      redirect_to root_path, alert: "You must be a reviewer or administrator to access this page."
+    end
+  end
+
+  def require_contributor
+    unless contributor_or_above?
+      redirect_to root_path, alert: "You must be a contributor to access this page."
+    end
+  end
+
+  def setup_completed?
+    File.exist?(Rails.root.join(".installed"))
+  end
 end

app/controllers/setup_controller.rb

@@ -0,0 +1,45 @@
+class SetupController < ApplicationController
+  before_action :check_setup_allowed
+
+  def show
+    @user = User.new(role: :admin)
+  end
+
+  def create
+    @user = User.new(user_params)
+    @user.role = :admin
+    @user.invitation_accepted_at = Time.current
+
+    if @user.save
+      create_installed_marker
+      session[:user_id] = @user.id
+      redirect_to admin_root_path, notice: "Setup complete! Welcome to Sanasto Wiki."
+    else
+      render :show, status: :unprocessable_entity
+    end
+  end
+
+  private
+
+  def check_setup_allowed
+    if setup_completed?
+      redirect_to root_path, alert: "Setup has already been completed."
+    end
+  end
+
+  def setup_completed?
+    File.exist?(installed_marker_path)
+  end
+
+  def installed_marker_path
+    Rails.root.join(".installed")
+  end
+
+  def create_installed_marker
+    FileUtils.touch(installed_marker_path)
+  end
+
+  def user_params
+    params.require(:user).permit(:email, :name, :password, :password_confirmation, :primary_language)
+  end
+end