Add deleted_at for User

Do not remove the user from the database. Mark as deleted instead.

app/controllers/admin/users_controller.rb

@@ -2,12 +2,28 @@ class Admin::UsersController < Admin::BaseController
   inherit_resources
 
   def index
-    @users = User.natural_order
+    @users = params[:show_deleted] ? User.deleted : User.undeleted
 
     # if somebody uses the search field:
     @users = @users.natural_search(params[:user_name]) unless params[:user_name].blank?
 
-    @users = @users.page(params[:page]).per(@per_page)
+    @users = @users.natural_order.page(params[:page]).per(@per_page)
+  end
+
+  def destroy
+    @user = User.find(params[:id])
+    @user.mark_as_deleted
+    redirect_to admin_users_url, notice: t('admin.users.destroy.notice')
+  rescue => error
+    redirect_to admin_users_url, alert: t('admin.users.destroy.error', error: error.message)
+  end
+
+  def restore
+    @user = User.find(params[:id])
+    @user.restore
+    redirect_to admin_users_url, notice: t('admin.users.restore.notice')
+  rescue => error
+    redirect_to admin_users_url, alert: t('admin.users.restore.error', error: error.message)
   end
 
   def sudo

app/controllers/application_controller.rb

@@ -20,7 +20,7 @@ class ApplicationController < ActionController::Base
     # check if there is a valid session and return the logged-in user (its object)
     if session[:user_id] && params[:foodcoop]
       # for shared-host installations. check if the cookie-subdomain fits to request.
-      @current_user ||= User.find_by_id(session[:user_id]) if session[:scope] == FoodsoftConfig.scope
+      @current_user ||= User.undeleted.find_by_id(session[:user_id]) if session[:scope] == FoodsoftConfig.scope
     end
   end
   helper_method :current_user

app/controllers/foodcoop/users_controller.rb

@@ -1,7 +1,7 @@
 class Foodcoop::UsersController < ApplicationController
 
   def index
-    @users = User.natural_order
+    @users = User.undeleted.natural_order
 
     # if somebody uses the search field:
     @users = @users.natural_search(params[:user_name]) unless params[:user_name].blank?

app/controllers/login_controller.rb

@@ -14,7 +14,7 @@ class LoginController < ApplicationController
       redirect_to forgot_password_url, alert: I18n.t('errors.general_again') and return
     end
 
-    if (user = User.find_by_email(params[:user][:email]))
+    if (user = User.undeleted.find_by_email(params[:user][:email]))
       user.request_password_reset!
     end
     redirect_to login_url, :notice => I18n.t('login.controller.reset_password.notice')