merges master and fixes conflicts

app/controllers/admin/officials_controller.rb

@@ -0,0 +1,32 @@
+class Admin::OfficialsController < Admin::BaseController
+
+  def index
+    @officials = User.officials.page(params[:page])
+  end
+
+  def search
+    @users = User.with_email(params[:email]).page(params[:page])
+  end
+
+  def edit
+    @user = User.find(params[:id])
+  end
+
+  def update
+    @user = User.find(params[:id])
+    @user.update(user_params)
+    redirect_to admin_officials_path, notice: t("admin.officials.flash.official_updated")
+  end
+
+  def destroy
+    @official = User.officials.find(params[:id])
+    @official.remove_official_position!
+    redirect_to admin_officials_path, notice: t("admin.officials.flash.official_destroyed")
+  end
+
+  private
+    def user_params
+      params.require(:user).permit(:official_position, :official_level)
+    end
+
+end

app/controllers/admin/settings_controller.rb

@@ -0,0 +1,17 @@
+class Admin::SettingsController < Admin::BaseController
+
+  def index
+    @settings = Setting.all
+  end
+
+  def update
+    @setting = Setting.find(params[:id])
+    @setting.update(settings_params)
+    redirect_to admin_settings_path, notice: t("admin.settings.flash.updated")
+  end
+
+  private
+    def settings_params
+      params.require(:setting).permit(:value)
+    end
+end

app/controllers/api/api_controller.rb

@@ -0,0 +1,13 @@
+class Api::ApiController < ApplicationController
+  before_action :authenticate_user!
+  protect_from_forgery with: :null_session
+
+  skip_authorization_check
+  before_action :verify_administrator
+
+  private
+
+    def verify_administrator
+      raise CanCan::AccessDenied unless current_user.try(:administrator?)
+    end
+end

app/controllers/api/stats_controller.rb

@@ -0,0 +1,22 @@
+class Api::StatsController < Api::ApiController
+  def show
+    unless params[:events].present? || params[:visits].present?
+      return render json: {}, status: :bad_request
+    end
+
+    ds = Ahoy::DataSource.new
+
+    if params[:events].present?
+      event_types = params[:events].split ','
+      event_types.each do |event|
+        ds.add event.titleize, Ahoy::Event.where(name: event).group_by_day(:time).count
+      end
+    end
+
+    if params[:visits].present?
+      ds.add "Visits", Visit.group_by_day(:started_at).count
+    end
+
+    render json: ds.build
+  end
+end

app/controllers/debates_controller.rb

@@ -26,7 +26,9 @@ class DebatesController < ApplicationController
   def create
     @debate = Debate.new(debate_params)
     @debate.author = current_user
+
     if @debate.save_with_captcha
+      ahoy.track :debate_created, debate_id: @debate.id
       redirect_to @debate, notice: t('flash.actions.create.notice', resource_name: 'Debate')
     else
       load_featured_tags

app/controllers/stats_controller.rb

@@ -0,0 +1,14 @@
+class StatsController < ApplicationController
+  skip_authorization_check
+  before_action :verify_administrator
+
+  def show
+    @event_types = Ahoy::Event.select(:name).uniq.pluck(:name)
+  end
+
+  private
+
+    def verify_administrator
+      raise CanCan::AccessDenied unless current_user.try(:administrator?)
+    end
+end