implement account locking/unlocking

app/controllers/account_locks_controller.rb

@@ -0,0 +1,31 @@
+class AccountLocksController < ApplicationController
+  before_action :set_account
+
+  def create
+    authorize :account_lock, :create?
+    @account.update(locked: true)
+    redirect_to admin_accounts_path, notice: 'Account locked'
+  end
+
+  def destroy
+    authorize :account_lock, :destroy?
+    @account.update(locked: false)
+    redirect_to admin_accounts_path, notice: 'Account unlocked'
+  end
+
+  private
+
+  def set_account
+    if params[:id].present?
+      @account = Account.find(params[:id])
+    else
+      failure_redirect
+    end
+  rescue ActiveRecord::RecordNotFound
+    failure_redirect
+  end
+
+  def failure_redirect
+    redirect_to admin_accounts_path, alert: 'Failed to find the account'
+  end
+end

app/controllers/account_sessions_controller.rb

@@ -1,4 +1,5 @@
 class AccountSessionsController < ApplicationController
+  skip_before_action :redirect_locked_accounts
   def update
     authorize :account_session, :update?
     session[:active_account] = account_session_params[:account_id]

app/controllers/application_controller.rb

@@ -13,6 +13,7 @@ class ApplicationController < ActionController::Base
 
   include SetCurrentRequestDetails
   before_action :redirect_accountless
+  before_action :redirect_locked_accounts
 
   private
 
@@ -29,6 +30,12 @@ class ApplicationController < ActionController::Base
     end
   end
 
+  def redirect_locked_accounts
+    if Current.user && Current.account.locked?
+      redirect_to locked_account_path
+    end
+  end
+
   def signed_in_as_admin?
     signed_in? && current_user.admin?
   end

app/controllers/locked_accounts_controller.rb

@@ -0,0 +1,10 @@
+class LockedAccountsController < ApplicationController
+  skip_before_action :redirect_locked_accounts
+  skip_after_action :verify_policy_scoped
+
+  def index
+    unless Current.account.locked?
+      redirect_to projects_path
+    end
+  end
+end

app/policies/account_lock_policy.rb

@@ -0,0 +1,9 @@
+class AccountLockPolicy < ApplicationPolicy
+  def create?
+    user.admin?
+  end
+
+  def destroy?
+    user.admin?
+  end
+end

app/views/admin/accounts/_account.html.erb

@@ -30,6 +30,11 @@
         <%= link_to fa_icon("arrow-right", text: "Overview"), admin_account_path(account), class: "dropdown-item" %>
         <%= link_to fa_icon("pencil", text: "Edit"), edit_admin_account_path(account), class: "dropdown-item" %>
         <%= link_to fa_icon("arrow-right", text: "Account Managers"), account_auths_path({ account_id: account.id}), class: "dropdown-item" %>
+        <% if account.locked? %>
+          <%= link_to fa_icon("unlock", text: "Unlock Account"), [:account, :lock, id: account.id], method: :delete, class: "dropdown-item" %>
+        <% else %>
+          <%= link_to fa_icon("lock", text: "Lock Account"), [:account, :lock, id: account.id], method: :post, class: "dropdown-item" %>
+        <% end %>
       </div>
     </div>
   </td>

app/views/locked_accounts/index.html.erb

@@ -0,0 +1 @@
+<p><%= t '.account_locked_message' %></p>