AO3-6672 Allow some admins to set a generic username

[brianjaustin]

Pull Request Checklist

• Have you read "How to write the perfect pull request"?
• Have you read the contributing guidelines?
• Have you added tests for any changed functionality?
• Have you added the Jira issue number
  as the first thing in your pull request title (e.g. AO3-1234 Fix thing)
• Do you have fewer than 5 pull requests already open? If not, please wait
  until they are reviewed and merged before creating new pull requests.

Issue

https://otwarchive.atlassian.net/browse/AO3-6672

Purpose

Allow superadmins and policy_and_abuse to set a generic username for users (even when banned). Because #4991 is already open, I have not added the subscript for "Ticket ID" as noted in the ticket.

Side question: do we want to update some of the copy/variables here to be more consistent? I observed login (has to stay), user name, and username in different spots...

[sarken]

If you're up for changing copy in a whole bunch of places, I'm up for testing! We ultimately want to switch from "user name" to "username" but it's in soooo many places I didn't want to inflict that on anyone.

I think this covers all the references to this page so we could at least have some consistency in this area:

• this change_username page, including error messages
• the link in the /views/users/_edit_header_navigation.html.erb partial
• the link in the /views/users/_edit_user_navigation.html.erb partial
• the reference to this page on /app/views/pseuds/_pseuds_form.html.erb ("You cannot change the pseud that matches your user name. However, you can change your user name instead.")
• the link in /app/views/preferences/index.html.erb

[sarken]

Just a couple quick frontend suggestions since we were talking about text changes!

[Bilka2]

Besides the comments I left, I think it would be good to have a feature test that goes through renaming a user as an admin. Just to make sure nothing gets missed because the specs test pretty close to the implementation itself.

[Bilka2]

Why a banned user?

[brianjaustin]

Non-exhaustive checking that users who cannot access this page themselves can be renamed by an admin

[Bilka2]

What about ticket_number?

[brianjaustin]

Since https://github.com/otwcode/otwarchive/pull/4994/files#diff-a55bf747ae62cffdcdb15d898d6bde2ab06b44df40317d8c44330e1615b6c50fR133 already tests that, I disabled the ticket_number requirement here. I'd rather not turn it back on, because we have to mock quite a few things to make the Zoho validation happy

[sarken]

I was reviewing in two tabs simultaneously so I could go back and forth between the views and the locales, so I'm sure this will be quality. If anything is confusing or contradictory, my bad, please yell!

[sarken]

I agree with Brian here. Since we're already supposed to be ignoring the renamed_at when an admin goes to change a name, I think it makes sense that admin renames just ignore the renamed_at entirely.

However, we could add a separate admin_renamed_at column to the users table for general tracking purposes. That does feel like something that could be both useful and clarifying if you're looking at an audit or just a user in the database.

[brianjaustin]

I needed to make changes here to fix issues with how @invitation is referenced (locals versus just passing it in). For everyone's sanity, I'll do the rest of the erb lint fixes in #5000 since that has most of them already anyways

[Bilka2]

Thank you!

[sarken]

Since we're now updating the actual form tags, let's add the classes that are missing on so many forms:

Suggested change

	<%= form_tag url_for(controller: "admin/admin_invitations", action: "find"), autocomplete: "off", method: :get do %>
	<%= form_tag url_for(controller: "admin/admin_invitations", action: "find"), autocomplete: "off", class: "invitation simple search", method: :get do %>

[sarken]

Missed a string, although it could really be "Search" instead of "Go."

[sarken]

I think this needs some interpolation so the link to the name is part of the translated text.

[sarken]

Suggested change

	<%= form_tag url_for(controller: "admin/admin_invitations", action: :invite_from_queue), autocomplete: "off" do %>
	<fieldset class="simple">
	<%= form_tag url_for(controller: "admin/admin_invitations", action: :invite_from_queue), class: "queue invitation simple post", autocomplete: "off" do %>
	<fieldset>

[sarken]

Suggested change

	<%= form_tag url_for(controller: "admin/admin_invitations", action: :create), autocomplete: "off" do |f| %>
	<fieldset class="simple">
	<%= form_tag url_for(controller: "admin/admin_invitations", action: :create), class: "invitation simple post", autocomplete: "off" do |f| %>
	<fieldset>

Conveniently, this will move the submit button closer to the fields. simple was in the wrong place to have any effect before.

[sarken]

Same suggestion for the legend and heading as in the admin partial:

Suggested change

	<%= form_tag changed_username_user_path(@user), autocomplete: "off" do %>
	<dl>
	<%= form_tag changed_username_user_path(@user), class: "simple post", autocomplete: "off" do %>
	<legend><%= t(".legend") %></legend>
	<h3 class="landmark heading"><%= t(".heading") %></h3>
	<dl>

[sarken]

Does this need autocomplete: "disabled" when the form has autocomplete: "off" because it's a password field?

[sarken]

Suggested change

	<%= render partial: "invitations/user_invitations", invitations: @invitations %>
	<%= render "invitations/user_invitations", invitations: @invitations %>

[sarken]

Suggested change

	<%= render partial: "invitations/invitation", invitation: @invitation %>
	<%= render "invitations/invitation", invitation: @invitation %>

[sarken]

Suggested change

	<%= render partial: "invitations/user_invitations", invitations: @invitations %>
	<%= render "invitations/user_invitations", invitations: @invitations %>

[sarken]

(Sorry for all the comments! If it makes you feel any better, the review took me three days to finish. 😆)