Remove roles

Author: lorenyu

template/docs/{{app_name}}/auth.md

@@ -13,7 +13,6 @@ Authentication is the process of verifying the credentials of a user. We use AWS
 
 Authorization is the process of determining whether a user has access to a specific resource. We use [Pundit](https://github.com/varvet/pundit) for authorization.
 
-- User roles are defined in the `user_roles` table
 - Policies (`app/policies`) are created for each model to define who can perform what actions
 - Policies are used in controllers to authorize actions
 - Policies are used in views to show/hide elements based on user permissions

template/{{app_name}}/app/controllers/application_controller.rb

@@ -24,10 +24,6 @@ def after_sign_in_path_for(resource)
       return users_mfa_preference_path
     end
 
-    if resource.employer?
-      return dev_sandbox_path
-    end
-
     users_account_path
   end
 end

template/{{app_name}}/app/controllers/users/registrations_controller.rb

@@ -4,13 +4,8 @@ class Users::RegistrationsController < ApplicationController
   layout "users"
   skip_after_action :verify_authorized
 
-  def new_applicant
-    @form = Users::RegistrationForm.new(role: "applicant")
-    render :new
-  end
-
-  def new_employer
-    @form = Users::RegistrationForm.new(role: "employer")
+  def new
+    @form = Users::RegistrationForm.new()
     render :new
   end
 
@@ -23,7 +18,7 @@ def create
     end
 
     begin
-      auth_service.register(@form.email, @form.password, @form.role)
+      auth_service.register(@form.email, @form.password)
     rescue Auth::Errors::BaseAuthError => e
       flash.now[:errors] = [ e.message ]
       return render :new, status: :unprocessable_entity
@@ -77,7 +72,7 @@ def auth_service
     end
 
     def registration_params
-      params.require(:users_registration_form).permit(:email, :password, :password_confirmation, :role, :spam_trap)
+      params.require(:users_registration_form).permit(:email, :password, :password_confirmation, :spam_trap)
     end
 
     def verify_account_params

template/{{app_name}}/app/forms/users/registration_form.rb

@@ -3,9 +3,9 @@
 class Users::RegistrationForm
   include ActiveModel::Model
 
-  attr_accessor :email, :password, :password_confirmation, :role, :spam_trap
+  attr_accessor :email, :password, :password_confirmation, :spam_trap
 
-  validates :email, :password, :role, presence: true
+  validates :email, :password, presence: true
   validates :email, format: { with: URI::MailTo::EMAIL_REGEXP }, if: -> { email.present? }
 
   validates :password, confirmation: true, if: -> { password.present? }

template/{{app_name}}/app/models/user.rb

@@ -8,23 +8,11 @@ class User < ApplicationRecord
 
   # == Relationships ========================================================
   has_many :tasks
-  has_one :user_role, dependent: :destroy
 
   # == Validations ==========================================================
   validates :provider, presence: true
 
   # == Methods ==============================================================
-  def applicant?
-    user_role&.applicant?
-  end
-
-  def employer?
-    user_role&.employer?
-  end
-
-  def superadmin?
-    email.include?("+admin")
-  end
 
   # Check if the access token is expired or will expire within the next `minutes` minutes.
   # Access token is only stored in the session, so it needs passed in, rather than accessed from the model.

template/{{app_name}}/app/models/user_role.rb

@@ -34,12 +34,12 @@ def respond_to_auth_challenge(code, challenge = {})
     handle_auth_result(response, challenge[:email])
   end
 
-  def register(email, password, role)
+  def register(email, password)
     # @TODO: Handle errors from the auth service, like when the email is already taken
     # See https://github.com/navapbc/template-application-rails/issues/15
     account = @auth_adapter.create_account(email, password)
 
-    create_db_user(account[:uid], email, account[:provider], role)
+    create_db_user(account[:uid], email, account[:provider])
   end
 
   # Verify the code sent to the user as part of their initial sign up process.
@@ -72,15 +72,14 @@ def disable_software_token(user)
 
   private
 
-    def create_db_user(uid, email, provider, role = "applicant")
-      Rails.logger.info "Creating User uid: #{uid}, and UserRole: #{role}"
+    def create_db_user(uid, email, provider)
+      Rails.logger.info "Creating User uid: #{uid}"
 
       user = User.create!(
         uid: uid,
         email: email,
         provider: provider,
       )
-      user_role = UserRole.create!(user: user, role: role)
       user
     end
 

template/{{app_name}}/app/services/auth_service.rb

@@ -7,66 +7,11 @@
 <p class="usa-intro">
   <%= t('.intro') %>
 </p>
-
-<div class="grid-row">
-  <ul class="usa-card-group">
-    <li class="usa-card grid-col-12 mobile-lg:grid-col-6">
-      <div class="usa-card__container">
-        <div class="usa-card__header">
-          <h2 class="usa-card__heading">
-            <%= t('.applicant_heading') %>
-          </h2>
-        </div>
-        <div class="usa-card__media">
-          <div class="usa-card__img">
-            <%= image_tag 'applicant.jpg', alt: "Man with two younger children" %>
-          </div>
-        </div>
-        <div class="usa-card__body">
-          <p>
-            <%= t('.applicant_body') %>
-          </p>
-        </div>
-        <div class="usa-card__footer">
-          <a href="<%= users_new_applicant_registration_path %>" class="usa-button">
-            <%= t('.applicant_signup') %>
-          </a>
-          <p>
-            <a class="usa-link" href="<%= new_user_session_path %>">
-              <%= t('.or_sign_in') %>
-            </a>
-          </p>
-        </div>
-      </div>
-    </li>
-    <li class="usa-card grid-col-12 mobile-lg:grid-col-6">
-      <div class="usa-card__container">
-        <div class="usa-card__header">
-          <h2 class="usa-card__heading">
-            <%= t('.employer_heading') %>
-          </h2>
-        </div>
-        <div class="usa-card__media">
-          <div class="usa-card__img">
-            <%= image_tag 'employer.jpg', alt: "Person at a desk using a laptop" %>
-          </div>
-        </div>
-        <div class="usa-card__body">
-          <p>
-            <%= t('.employer_body') %>
-          </p>
-        </div>
-        <div class="usa-card__footer">
-          <a href="<%= users_new_employer_registration_path %>" class="usa-button">
-            <%= t('.employer_signup') %>
-          </a>
-          <p>
-            <a class="usa-link" href="<%= new_user_session_path %>">
-              <%= t('.or_sign_in') %>
-            </a>
-          </p>
-        </div>
-      </div>
-    </li>
-  </ul>
-</div>
+<a href="<%= users_new_registration_path %>" class="usa-button">
+  <%= t('.signup') %>
+</a>
+<p>
+  <a class="usa-link" href="<%= new_user_session_path %>">
+    <%= t('.or_sign_in') %>
+  </a>
+</p>

template/{{app_name}}/app/views/home/index.html.erb

@@ -1,18 +1,17 @@
-<% content_for :title, t(".title_#{@form.role}") %>
-<% icon = @form.role == "applicant" ? "local_library" : "local_library" %>
-<% icon_color = @form.role == "applicant" ? "violet" : "mint" %>
+<% content_for :title, t(".title") %>
+<% icon = "local_library" %>
+<% icon_color = "violet" %>
 
 <div class="bg-white padding-top-3 padding-bottom-5 padding-x-5 border border-base-lighter">
   <div class="text-center margin-bottom-2 padding-bottom-2 border-bottom border-base-lighter">
     <svg class="usa-icon usa-icon--size-6 text-<%= icon_color %>" aria-hidden="true" focusable="false" role="img">
       <use xlink:href="<%= asset_path "@uswds/uswds/dist/img/sprite.svg##{icon}" %>"></use>
     </svg>
 
-    <h1 class="font-heading-xl margin-y-0"><%= t(".title_#{@form.role}") %></h1>
+    <h1 class="font-heading-xl margin-y-0"><%= t(".title") %></h1>
   </div>
 
   <%= us_form_with model: @form, url: users_registrations_path, local: true do |f| %>
-    <%= f.hidden_field :role %>
     <%= f.honeypot_field %>
     <%= f.email_field :email %>
 
@@ -29,7 +28,7 @@
 
     <%= f.password_field :password_confirmation, autocomplete: "new-password", id: "new-password-confirmation" %>
 
-    <%= f.submit t(".title_#{@form.role}") %>
+    <%= f.submit t(".title") %>
   <% end %>
 </div>
 
@@ -39,27 +38,3 @@
     <%= t ".login" %>
   </a>
 </p>
-
-<%= content_for :sidebar do %>
-  <% if @form.role == "applicant" %>
-    <h2 class="font-heading-lg"><%= t('.are_employer_heading') %></h2>
-    <div class="usa-prose">
-      <p><%= t('.are_employer_body') %></p>
-      <p>
-        <a class="usa-button usa-button--outline" href="<%= users_new_employer_registration_path %>">
-          <%= t('.are_employer_action') %>
-        </a>
-      </p>
-    </div>
-  <% else %>
-    <h2 class="font-heading-lg"><%= t('.are_applicant_heading') %></h2>
-    <div class="usa-prose">
-      <p><%= t('.are_applicant_body') %></p>
-      <p>
-        <a class="usa-button usa-button--outline" href="<%= users_new_applicant_registration_path %>">
-          <%= t('.are_applicant_action') %>
-        </a>
-      </p>
-    </div>
-  <% end %>
-<% end %>

template/{{app_name}}/app/views/users/registrations/new.html.erb

@@ -29,7 +29,7 @@
 
 <p class="text-center">
   <%= t('.no_account') %>
-  <a class="usa-link" href="<%= url_for users_new_applicant_registration_path %>">
+  <a class="usa-link" href="<%= url_for users_new_registration_path %>">
     <%= t('.create_account') %>
   </a>.
-</p>
+</p>