- Update user management link in index.html.erb

- Refactor user creation and show page
- Remove redundant <div>
Refactor user creation logic in Schools::UsersController
- Fix user attribute names in show.html.erb
- Add change links to user details in show.html.erb

app/controllers/schools/users_controller.rb

@@ -1,26 +1,44 @@
 module Schools
   class UsersController < BaseController
-    def index; end
+    def index
+      @users = DFESignInAPI::OrganisationUsers.new(current_user.sub, current_school.urn).users['users']
+      @dfe_sign_in_request_organisation_url =
+        Rails.application.config.x.dfe_sign_in_request_organisation_url.presence
+    end
 
     def new
-      @user = DFESignInAPI::UserInvite.new
+      @user_invite = DFESignInAPI::UserInvite.new
     end
 
     def create
-      @user_invite = DfeSignInApi::UserInvite.new(user_params)
+      @user_invite = DFESignInAPI::UserInvite.new(user_params)
+      @user_invite.organisation_id = DFESignInAPI::Organisation.new(current_user.sub, current_school.urn).current_organisation_id
 
-      if @user_invite.valid?
-        @user_invite.invite_user
-        redirect_to users_path, notice: 'User invited successfully.'
+      if params[:confirmed] == 'true'
+        if @user_invite.valid?
+          @user_invite.invite_user
+          redirect_to schools_users_path, notice: "#{@user_invite.email} has been added."
+        else
+          render :new
+        end
       else
-        render :new
+        render :show, locals: { user_invite: @user_invite }
       end
     end
 
+    def show
+      render :show
+    end
+
+    def edit
+      @user_invite = DFESignInAPI::UserInvite.new(user_params)
+      render :new, locals: { user_invite: @user_invite }
+    end
+
   private
 
     def user_params
-      params.require(:user).permit(:email, :first_name, :last_name, :organisation_id)
+      params.require(:schools_dfe_sign_in_api_user_invite).permit(:email, :firstname, :lastname, :organisation_id)
     end
   end
 end

app/services/schools/dfe_sign_in_api/organisation.rb

@@ -0,0 +1,24 @@
+module Schools
+  module DFESignInAPI
+    class Organisation < Organisations
+      attr_accessor :current_school_urn
+
+      def initialize(user_uuid, current_school_urn)
+        super(user_uuid)
+        self.current_school_urn = current_school_urn
+      end
+
+      def current_organisation
+        organisations.find { |org| org['urn'].to_i == current_school_urn }
+      end
+
+      def current_organisation_ukprn
+        current_organisation['ukprn'] if current_organisation
+      end
+
+      def current_organisation_id
+        current_organisation['id'] if current_organisation
+      end
+    end
+  end
+end

app/services/schools/dfe_sign_in_api/organisation_users.rb

@@ -0,0 +1,29 @@
+module Schools
+  module DFESignInAPI
+    class OrganisationUsers < Client
+      attr_accessor :user_uuid, :current_school_urn
+
+      def initialize(user_uuid, current_school_urn)
+        self.user_uuid = user_uuid
+        self.current_school_urn = current_school_urn
+      end
+
+      def ukprn
+        Organisation.new(user_uuid, current_school_urn).current_organisation_ukprn
+      end
+
+      def users
+        @users ||= response
+      end
+
+    private
+
+      def endpoint
+        URI::HTTPS.build(
+          host: Rails.configuration.x.dfe_sign_in_api_host,
+          path: ['/organisations', ukprn, 'users'].join('/')
+        )
+      end
+    end
+  end
+end

app/services/schools/dfe_sign_in_api/user_invite.rb

@@ -1,38 +1,39 @@
 module Schools
   module DFESignInAPI
-    class UserInvite
+    class UserInvite < Client
       include ActiveModel::Model
       include ActiveModel::Attributes
+      include ActiveRecord::AttributeAssignment
 
       attribute :email, :string
-      attribute :first_name, :string
-      attribute :last_name, :string
+      attribute :firstname, :string
+      attribute :lastname, :string
       attribute :organisation_id, :string
-      # attribute :redirect_url, :string
 
-      validates :first_name, presence: true, length: { maximum: 50 }
-      validates :last_name, presence: true, length: { maximum: 50 }
+      validates :firstname, presence: true, length: { maximum: 50 }
+      validates :lastname, presence: true, length: { maximum: 50 }
       validates :email, presence: true, length: { maximum: 100 }
       validates :email, email_format: true, if: -> { email.present? }
-      # validates :organisation_id, presence: true
-      # validates :redirect_url, presence: true
+      validates :organisation_id, presence: true
 
       def invite_user
-        raise ApiDisabled unless client.enabled?
-
-        client.invite_user(merged_payload)
+        @response = response
+        @response['success'] = @response['status'] == 'success' if @response.present?
+        @response
       end
 
-      def full_name
-        return nil unless first_name && last_name
+    private
 
-        [first_name, last_name].map(&:presence).join(' ')
-      end
+      def response
+        raise ApiDisabled unless enabled?
 
-    private
+        resp = faraday.post(endpoint) do |req|
+          req.headers['Authorization'] = "bearer #{token}"
+          req.headers['Content-Type'] = 'application/json'
+          req.body = payload.to_json
+        end
 
-      def client
-        @client ||= Schools::DFESignInAPI::Client.new
+        JSON.parse(resp.body)
       end
 
       def service_id
@@ -46,22 +47,14 @@ def endpoint
         )
       end
 
-      def user_invite_payload
-        {
-          sourceId: nil,
-          given_name: first_name,
-          family_name: last_name,
+      def payload
+        super.merge(
+          sourceId: SecureRandom.uuid,
+          given_name: firstname,
+          family_name: lastname,
           email: email,
           organisationId: organisation_id
-        }
-      end
-
-      def merged_payload
-        client_payload.merge(user_invite_payload)
-      end
-
-      def client_payload
-        client.payload
+        )
       end
     end
   end

app/views/schools/users/_form.html.erb

@@ -2,30 +2,24 @@
 <% content_for :back_link do govuk_back_link; end %>
 
 <div class="govuk-grid-row">
-  <div class="govuk-grid-column-full">
-    <div class="govuk-grid-row">
-      <div class="govuk-grid-column-two-thirds">
-        <%= form_for user,
-              url: new_schools_user_path,
-              data: { controller: "prevent-double-click", action: "submit->prevent-double-click#disableSubmitButton" } do |f| %>
-          <p> Add user details </p>
-          <h1 class="govuk-heading-l"> Personal details </h1>
-
-          <%= f.govuk_error_summary %>
-
-          <%= f.label :first_name, "First Name" %>
-          <%= f.govuk_text_field :first_name, autocomplete: 'given-name' %>
-
-          <%= f.label :first_name, "Last Name" %>
-          <%= f.govuk_text_field :last_name, autocomplete: 'family-name' %>
-
-          <%= f.label :first_name, "Email" %>
-          <%= f.govuk_email_field :email, autocomplete: 'on' %>
-
-          <%= f.govuk_submit 'Continue', data: { prevent_double_click_target: "submitButton" } %>
-        <% end %>
-        <%= link_to "Cancel",  schools_users_path, 'aria-label': "Cancel user invite" %>
-      </div>
-    </div>
+  <div class="govuk-grid-column-two-thirds">
+    <%= form_for(@user_invite, url: schools_users_path, method: :post, html: {novalidate: false}) do |f| %>
+
+      <%= f.govuk_error_summary %>
+
+      <span class="govuk-caption-xl govuk-!-margin-top-4"> Add user details </span>
+      <h1 class="govuk-heading-l"> Personal details </h1>
+
+      <%= f.govuk_error_summary %>
+
+      <%= f.govuk_text_field :firstname, autocomplete: 'given-name' %>
+
+      <%= f.govuk_text_field :lastname, autocomplete: 'family-name' %>
+
+      <%= f.govuk_email_field :email, autocomplete: 'on' %>
+
+      <%= f.govuk_submit 'Continue' %>
+    <% end %>
+    <%= link_to "Cancel",  schools_users_path, 'aria-label': "Cancel user invite" %>
   </div>
 </div>

app/views/schools/users/index.html.erb

@@ -7,7 +7,6 @@
   }
 %>
 
-
 <div class="govuk-grid-row">
   <div class="govuk-grid-column-full">
     <h1>Manage users at <%= @current_school.name %> </h1>
@@ -23,20 +22,38 @@
       </ul>
     </p>
     <p> To remove and manage users, you should go to
-     <a href="https://services.signin.education.gov.uk/my-services"> DFE Sign-in.</a>
+     <%= link_to 'DFE Sign-in', @dfe_sign_in_request_organisation_url %>
     </p>
 
-    <table id="placement-requests" class="govuk-table">
-      <thead class="govuk-table__head">
-        <tr class="govuk-table__row">
-          <th class="govuk-table__header">Name</th>
-          <th class="govuk-table__header">Email</th>
-        </tr>
-      </thead>
-      <tbody class="govuk-table__body">
+    <% if @users.any? %>
+      <div class="pagination-info higher">
+        <div class="pagination-slice">
+        </div>
+      </div>
+      <table id="invited-users" class="govuk-table">
+        <thead class="govuk-table__head">
+          <tr class="govuk-table__row">
+            <th class="govuk-table__header">Name</th>
+            <th class="govuk-table__header">Email</th>
+          </tr>
+        </thead>
+        <tbody class="govuk-table__body">
+          <% @users.each do |user| %>
+            <tr class="govuk-table__row">
+              <td class="govuk-table__cell"><%= "#{user['firstName']} #{user['lastName']}" %></td>
+              <td class="govuk-table__cell"><%= user['email'] %></td>
+            </tr>
+          <% end %>
 
-      </tbody>
-    </table>
+        </tbody>
+      </table>
+      <div class="pagination-info lower">
+      </div>
+    <% else %>
+      <p>
+        There are no other users in this school.
+      </p>
+    <% end %>
 
     <%= govuk_link_to "Return to dashboard", schools_dashboard_path, secondary: true %>
   </div>

app/views/schools/users/new.html.erb

@@ -1 +1 @@
-<%= render partial: "form", locals: { user: @user } %>
+<%= render partial: "form", locals: { user_invite: @user_invite } %>