Admin functions.

app/controllers/articles_controller.rb

@@ -53,7 +53,7 @@ def set_article
   end
 
   def require_same_user
-    if current_user != @article.user
+    if current_user != @article.user && !current_user.admin?
       flash[:danger] = "You can only edit or delete your own articles."
       redirect_to root_path
     end

app/controllers/users_controller.rb

@@ -1,6 +1,7 @@
 class UsersController < ApplicationController
   before_action :set_user, only: [:edit, :update, :show]
-  before_action :require_same_user, only: [:edit, :update]
+  before_action :require_same_user, only: [:edit, :update, :destroy]
+  before_action :require_admin, only: [:destroy]
 
   def index
     @users = User.paginate(page: params[:page], per_page: 5)
@@ -37,6 +38,13 @@ def update
     end
   end
 
+  def destroy
+    @user = User.find(params[:id])
+    @user.destroy
+    flash[:danger] = "User and all articles created by user have been deleted."
+    redirect_to users_path
+  end
+
   private
   def user_params
     params.require(:user).permit(:username, :email, :password)
@@ -47,10 +55,17 @@ def set_user
   end
 
   def require_same_user
-    if current_user != @user
+    if current_user != @user && !current_user.admin?
       flash[:danger] = "You can only edit your own account."
       redirect_to root_path
     end
   end
 
+  def require_admin
+    if logged_in? && !current_user.admin?
+      flash[:danger] = "Only admins users can perform that action."
+      redirect_to root_path
+    end
+  end
+
 end

app/models/user.rb

@@ -1,5 +1,5 @@
 class User < ActiveRecord::Base
-  has_many :articles
+  has_many :articles, dependent: :destroy
   before_save { self.email = email.downcase }
   validates :username, presence: true,
             length: { minimum: 3, maximum: 25 },
@@ -10,6 +10,6 @@ class User < ActiveRecord::Base
             length: { maximum: 105 },
             uniqueness: { case_sensitive: false },
             format: { with: VALID_EMAIL_REGEX }
-            
+
   has_secure_password
 end

app/views/articles/_article.html.erb

@@ -13,7 +13,7 @@
                 last updated at: <%= time_ago_in_words(article.updated_at) %> ago</small>
           </div>
         </div>
-        <% if logged_in? && current_user == article.user %>
+        <% if logged_in? && (current_user == article.user || current_user.admin?) %>
           <div class="center">
             <%= link_to "Edit this article", edit_article_path(article), class: "btn btn-default"%>
             <%= link_to "Delete this article", article_path(article), method: :delete, data: {confirm: "Are you sure?"}, class: "btn btn-default delete-btn" %>

app/views/articles/show.html.erb

@@ -17,7 +17,7 @@
 
 <div class="center" style="padding-bottom: 30px">
   <%= link_to "Back to articles list", articles_path, class: "btn btn-primary" %>
-  <% if logged_in? && current_user == @article.user %>
+  <% if logged_in? && ( current_user == @article.user || current_user.admin? ) %>
     <%= link_to "Edit this article", edit_article_path(@article), class: "btn btn-default"%>
     <%= link_to "Delete this article", article_path(@article), method: :delete, data: {confirm: "Are you sure?"}, class: "btn btn-default delete-btn" %>
   <% end %>

app/views/layouts/_navigation.html.erb

@@ -39,13 +39,15 @@
         <% if logged_in? %>
           <li> <%= link_to "Log out", logout_path, method: :delete %> </li>
           <li class="dropdown">
-            <a href="#" class="dropdown-toggle" data-toggle="dropdown" role="button" aria-haspopup="true" aria-expanded="false">Your Profile <span class="caret"></span></a>
+            <a href="#" class="dropdown-toggle" data-toggle="dropdown" role="button" aria-haspopup="true" aria-expanded="false">
+              Your <%= "Admin" if current_user.admin? %> Profile <span class="caret"></span>
+            </a>
             <ul class="dropdown-menu">
               <li> <%= link_to "Edit your profile", edit_user_path(current_user) %></a></li>
               <li><%= link_to "View your profile", user_path(current_user) %></li>
 
               <li role="separator" class="divider"></li>
-              <li><a href="#">Separated link</a></li>
+              <li> <%= link_to "Log out", logout_path, method: :delete %> </li>
             </ul>
           </li>
         <% else %>

app/views/users/index.html.erb

@@ -8,6 +8,10 @@
           <li><%= link_to gravatar_for(user), user_path(user) %></li>
           <li class="article-title"> <%= link_to user.username, user_path(user) %> </li>
           <li><small><%= pluralize(user.articles.count, "article") if user.articles %></small></li>
+          <% if logged_in? && current_user.admin? %>
+            <li><%= link_to "Delete this user", user_path(user), method: :delete,
+            data: { confirm: "Are you that you want to delete the user and all of his articles?" } %></li>
+          <% end %>
         </div>
       </div>
     </ul>

db/migrate/20170228021927_add_admin_to_users.rb

@@ -0,0 +1,5 @@
+class AddAdminToUsers < ActiveRecord::Migration[5.0]
+  def change
+    add_column :users, :admin, :boolean, default: false
+  end
+end

db/schema.rb

@@ -10,7 +10,7 @@
 #
 # It's strongly recommended that you check this file into your version control system.
 
-ActiveRecord::Schema.define(version: 20170227133108) do
+ActiveRecord::Schema.define(version: 20170228021927) do
 
   create_table "articles", force: :cascade do |t|
     t.string   "title"
@@ -23,9 +23,10 @@
   create_table "users", force: :cascade do |t|
     t.string   "username"
     t.string   "email"
-    t.datetime "created_at",      null: false
-    t.datetime "updated_at",      null: false
+    t.datetime "created_at",                      null: false
+    t.datetime "updated_at",                      null: false
     t.string   "password_digest"
+    t.boolean  "admin",           default: false
   end
 
 end