feat: admin teacher/staff CRUD ops

app/controllers/location_accounts_controller.rb

@@ -15,5 +15,16 @@ module LocationAccountsController
       set_status_updated
       render json: LocationAccountSerializer.new(location_account)
     end
+
+    delete '/v1/location-accounts/:location_account_id' do
+      location_account = LocationAccount.find(params[:location_account_id])
+      location = location_account.location
+
+      ensure_or_forbidden! { current_user.admin_at?(location) }
+
+      location_account.destroy!
+
+      success_response
+    end
   end
 end

app/controllers/locations_controller.rb

@@ -102,5 +102,59 @@ module LocationsController
       stats = LocationStatsOverview.new(location, params[:date])
       render json: LocationStatsOverviewSerializer.new(stats)
     end
+
+    post '/v1/locations/:location_id/users' do
+      location = Location.find_by_id_or_permalink!(params[:location_id])
+      ensure_or_forbidden! { current_user.admin_at? location }
+
+      user = User.new(
+        cohorts: Cohort.where(code: request_json[:cohorts]),
+        location_accounts: [
+          LocationAccount.new(location: location, **request_json.slice(:role, :permission_level)),
+        ],
+        **request_json.slice(:first_name, :last_name, :email, :mobile_number)
+      )
+
+      if user.save
+        InviteWorker.perform_async(user.id) if params[:send_invite]
+
+        set_status_created
+        render json: UserSerializer.new(user)
+      else
+        error_response(user)
+      end      
+    end
+
+    patch '/v1/locations/:location_id/users/:user_id' do
+      location = Location.find_by_id_or_permalink!(params[:location_id])
+      user = location.users.find(params[:user_id])
+
+      ensure_or_forbidden! { current_user.admin_at? location }
+
+      user.update_account!(
+        **request_json.merge(location: location.id).symbolize_keys
+      )
+
+      set_status_updated
+      render json: UserSerializer.new(user)
+    end
+
+    delete '/v1/locations/:location_id/users/:user_id' do
+      location = Location.find_by_id_or_permalink!(params[:location_id])
+      user = location.users.find(params[:user_id])
+
+      ensure_or_forbidden! { current_user.admin_at? location }
+
+      if params[:nuke]
+        ActiveRecord::Base.transaction do
+          user.children.each(&:destroy!)
+          user.destroy!
+        end
+      else
+        user.destroy!
+      end
+
+      success_response
+    end
   end
 end

app/models/location.rb

@@ -216,6 +216,21 @@ def downcased_cohort_schema
     parsed.transform_keys(&:downcase).transform_values { |v| v.map(&:downcase) }
   end
 
+  # cohort schema for front-end usage
+  def full_cohort_schema
+    return cohort_schema if cohort_schema.blank?
+    parsed = cohort_schema.is_a?(String) ? JSON.parse(cohort_schema) : cohort_schema
+    full_cohort_schema = {}
+
+    parsed.each do |category, names|
+      full_cohort_schema[category] = names.map do |name|
+        [Cohort.format_code(category, name), name]
+      end
+    end
+
+    full_cohort_schema
+  end
+
   def valid_cohort_category?(category)
     downcased_cohort_schema.key?(category.tr('#', '').downcase)
   end

app/models/user.rb

@@ -113,7 +113,7 @@ def self.mobile_taken?(phone_number)
 
   def self.create_account!(
     first_name:, last_name:, location:, role:,
-    password: nil, title: nil, external_id: nil,
+    password: nil, external_id: nil, cohorts: [],
     email: nil, mobile_number: nil, permission_level: 'none'
   )
     ActiveRecord::Base.transaction do
@@ -122,7 +122,8 @@ def self.create_account!(
         last_name: last_name,
         email: email,
         mobile_number: mobile_number,
-        password: password
+        password: password,
+        cohorts: Cohort.where(code: cohorts)
       )
 
       l = Location.find_by_id_or_permalink!(location)
@@ -132,7 +133,30 @@ def self.create_account!(
         user_id: u.id,
         location: l,
         role: role,
-        title: title,
+        permission_level: permission_level
+      )
+
+      u
+    end
+  end
+
+  def update_account!(
+    first_name:, last_name:, location:, role:,
+    email: nil, cohorts: [],
+    mobile_number: nil, permission_level: 'none'
+  )
+    ActiveRecord::Base.transaction do
+      self.update!(
+        first_name: first_name,
+        last_name: last_name,
+        email: email,
+        mobile_number: mobile_number,
+        cohorts: Cohort.where(code: cohorts)
+      )
+
+      la = location_accounts.find_by!(location_id: location)
+      la.update!(
+        role: role,
         permission_level: permission_level
       )
     end

app/serializers/cohort_serializer.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 class CohortSerializer < ApplicationSerializer
-  attributes :name, :category
+  attributes :name, :category, :code
   has_one :location
 end

app/serializers/location_serializer.rb

@@ -21,4 +21,5 @@ class LocationSerializer < ApplicationSerializer
   attribute :updated_at
   attribute :registration_code
   attribute :employee_count
+  attribute :full_cohort_schema
 end

client/src/api/index.ts

@@ -15,6 +15,7 @@ import {
 } from 'src/models'
 import { RecordResponse } from 'src/types'
 import { transformRecordResponse, recordStore } from './stores'
+import { TeacherStaffInput } from 'src/pages/admin/TeacherStaffForm'
 
 const BASE_URL = `${env.API_URL}/v1`
 
@@ -158,6 +159,10 @@ export async function updateLocationAccount(
   return entity
 }
 
+export async function deleteLocationAccount(locationAccount: LocationAccount) {
+  await v1.delete(`/location-accounts/${locationAccount.id}`)
+}
+
 //
 // Users
 //
@@ -180,6 +185,37 @@ export async function updateUser(user: User, updates: Partial<User>): Promise<Us
   return entity
 }
 
+export async function createTeacherStaff(
+  location: Location,
+  user: TeacherStaffInput,
+  send_invite: boolean
+): Promise<User> {
+  const response = await v1.post(
+    `/locations/${location.id}/users?send_invite=${send_invite}`,
+    transformForAPI(user)
+  )
+
+  const entity = transformRecordResponse<User>(response.data)
+  assertNotArray(entity)
+  return entity
+}
+
+export async function updateTeacherStaff(
+  user: User,
+  location: Location,
+  updates: TeacherStaffInput
+): Promise<User> {
+  const response = await v1.patch(`/locations/${location.id}/users/${user.id}`, transformForAPI(updates))
+
+  const entity = transformRecordResponse<User>(response.data)
+  assertNotArray(entity)
+  return entity
+}
+
+export async function deleteUser(user: User, location: Location, with_children: boolean) {
+  await v1.delete(`/locations/${location.id}/users/${user.id}?nuke=${with_children}`)
+}
+
 export async function completeWelcomeUser(user: User): Promise<User> {
   const response = await v1.put<RecordResponse<User>>(`/users/${user.id}/complete-welcome`)
   const entity = transformRecordResponse<User>(response.data)

client/src/config/routes.ts

@@ -46,6 +46,7 @@ import WelcomeReviewPage from 'src/pages/welcome/WelcomeReviewPage'
 import WelcomeSurveyPage from 'src/pages/welcome/WelcomeSurveyPage'
 import BrevardResourcesPage from 'src/pages/resources/BrevardResourcesPage'
 import AdminUserPage from 'src/pages/admin/AdminUserPage'
+import AdminUserEditPage from 'src/pages/admin/AdminUserEditPage'
 import HelpScoutPage from 'src/pages/resources/HelpScoutPage'
 import PositiveResourcesPage from 'src/pages/resources/PositiveResourcesPage'
 import AdminDashboardPage from 'src/pages/admin/AdminDashboardPage'
@@ -316,11 +317,21 @@ const routeMap = {
     component: AdminUsersPage,
     beforeEnter: beforeEnter.requireSignIn,
   },
+  adminUserAddPath: {
+    path: '/admin/locations/:locationId/users/new',
+    component: AdminUserEditPage,
+    beforeEnter: beforeEnter.requireSignIn,
+  },
   adminUserPath: {
     path: '/admin/locations/:locationId/users/:userId',
     component: AdminUserPage,
     beforeEnter: beforeEnter.requireSignIn,
   },
+  adminUserEditPath: {
+    path: '/admin/locations/:locationId/users/:userId/edit',
+    component: AdminUserEditPage,
+    beforeEnter: beforeEnter.requireSignIn,
+  },
   adminDashboardPath: {
     path: '/admin/locations/:locationId/dashboard',
     component: AdminDashboardPage,

client/src/i18n/locales/en.json

@@ -13,6 +13,12 @@
   "AdminUserPermissionsPage.permission_level": "Permission Level",
   "AdminUsersPage.location_permissions": "Permissions",
   "AdminUsersPage.user_more": "More",
+  "AdminUserPage.unlink": "Unlink",
+  "AdminUserPage.unlink_caution": "Are you sure to unlink this user from the location?",
+  "AdminUserPage.delete": "Delete",
+  "AdminUserPage.with_children": "Together with Children",
+  "AdminUserPage.delete_caution": "Are you sure to delete this user?",
+  "AdminUserPage.delete_with_children_caution": "Are you sure to delete this user? The children of this user will also be deleted.",
   "BusinessLocationForm.business_id": "Business ID (Used for Links)",
   "BusinessLocationForm.business_name": "Business Name",
   "BusinessLocationForm.create_location": "Create Your Location",
@@ -47,6 +53,7 @@
   "Common.somethings_wrong": "Something went wrong",
   "Common.spanish": "Español",
   "Common.submission_failed": "Submission Failed",
+  "Common.save": "Save",
   "Common.submit": "Submit",
   "Common.submitting": "Submitting...",
   "Common.success": "Success",
@@ -124,6 +131,8 @@
   "Forms.mobile_number": "Mobile Number",
   "Forms.password": "Password",
   "Forms.reveal_password": "Reveal Password",
+  "Forms.role": "Role",
+  "Forms.send_invite": "Send Invitation",
   "GreenlightStatus.absent": "Absent",
   "GreenlightStatus.cleared": "Cleared",
   "GreenlightStatus.not_submitted": "Not Submitted",
@@ -408,4 +417,4 @@
   "{0, plural, one {# child} other {# children}}": "{0, plural, one {# child} other {# children}}",
   "{0, plural, one {# location} other {# locations}}": "{0, plural, one {# location} other {# locations}}",
   "{0, plural, one {child} other {children}}": "{0, plural, one {child} other {children}}"
-}
+}

client/src/models/Cohort.ts

@@ -20,6 +20,9 @@ export class Cohort extends Model {
   @attr({ type: STRING })
   name: string = ''
 
+  @attr({ type: STRING })
+  code: string = ''
+
   @attr({ type: DATETIME })
   createdAt: DateTime = DateTime.fromISO('')
 }

client/src/models/Location.ts

@@ -28,6 +28,8 @@ export enum LocationCategories {
   LOCATION = 'location',
 }
 
+type CohortSchema = { [key: string]: Array<string>[] }
+
 type CategoryTranlsations = { [key in LocationCategories]: string[] }
 // HACK: We need a proper way to organize translations like this
 const LC: CategoryTranlsations = {
@@ -164,11 +166,21 @@ export class Location extends Model {
   @attr({ type: STRING })
   parentRegistrationCode: string | null = ''
 
+  @attr({ type: Object })
+  fullCohortSchema: CohortSchema | null = null
+
   registrationWithCodeURL(): string {
     return `glit.me/go/${this.permalink}/code/${this.registrationCode}`
   }
 
   parentRegistrationWithCodeURL(): string {
     return `glit.me/go/${this.permalink}/code/${this.parentRegistrationCode}`
   }
+
+  hasCohortSchema(): boolean {
+    if (!this.fullCohortSchema) return false
+    if (Object.keys(this.fullCohortSchema).length === 0) return false
+
+    return true
+  }
 }

client/src/models/LocationAccount.ts

@@ -12,6 +12,9 @@ export enum PermissionLevels {
 
 export enum Roles {
   STUDENT = 'student',
+  TEACHER = 'teacher',
+  STAFF = 'staff',
+  UNKNOWN = 'unknown',
 }
 
 export class LocationAccount extends Model {