adding more authentication, fixing category bug

app/controllers/questions_controller.rb

@@ -1,4 +1,6 @@
 class QuestionsController < ApplicationController
+  before_action :authenticate_user!, except: [:show]
+  before_action :verify_super_admin, except: [:show]
   before_action :set_school, only: [:show]
   before_action :set_question, only: [:show, :edit, :update, :destroy]
 
@@ -78,4 +80,8 @@ class QuestionsController < ApplicationController
     def question_params
       params.require(:question).permit(:text, :option1, :option2, :option3, :option4, :option5, :category_id)
     end
+
+    def verify_super_admin
+      user_signed_in? && current_user.super_admin?
+    end
 end

app/controllers/schedules_controller.rb

@@ -1,12 +1,9 @@
 class SchedulesController < ApplicationController
+  before_action :authenticate_user!, except: [:show]
   before_action :set_school
+  before_action :verify_admin
   before_action :set_schedule, only: [:show, :edit, :update, :destroy]
 
-  # GET schools/1/schedules
-  def index
-    @schedules = @school.schedules
-  end
-
   # GET schools/1/schedules/1
   def show
   end
@@ -61,4 +58,11 @@ class SchedulesController < ApplicationController
     def schedule_params
       params.require(:schedule).permit(:name, :description, :school_id, :frequency_hours, :start_date, :end_date, :active, :random, :recipient_list_id, :question_list_id)
     end
+
+    def verify_admin
+      return true if current_user.admin?(@school)
+
+      redirect_to root_path, notice: 'You must be logged in as an admin of that school to access that page.'
+      return false
+    end
 end

app/models/attempt.rb

@@ -18,7 +18,7 @@ class Attempt < ApplicationRecord
   def messages
     [
       #question.text,
-      "#{question.text}\n#{question.option1}: Reply 1\n\r#{question.option2}: Reply 2\n\r#{question.option3}: Reply 3\n\r#{question.option4}: Reply 4\n\r#{question.option5}: Reply 5\n\rReply 'stop' to stop these messages."
+      "#{question.text}\n\r#{question.option1}: Reply 1\n\r#{question.option2}: Reply 2\n\r#{question.option3}: Reply 3\n\r#{question.option4}: Reply 4\n\r#{question.option5}: Reply 5\n\rReply 'stop' to stop these messages."
     ]
   end
 

app/models/category.rb

@@ -30,7 +30,7 @@ class Category < ApplicationRecord
       "resources",
       "indicators-of-academic-learning",
       "character-and-wellbeing-outcomes",
-      "family-questions"
+      "pilot-family-questions"
     ].index(root_identifier)
   end
 

app/models/recipient.rb

@@ -4,6 +4,7 @@ class Recipient < ApplicationRecord
   belongs_to :school
   validates_associated :school
 
+  has_many :recipient_schedules
   has_many :attempts
 
   validates :name, presence: true

app/views/schedules/index.html.haml

@@ -1,33 +0,0 @@
-%h1 Listing schedules
-%table
-  %tr
-    %th Name
-    %th Description
-    %th School
-    %th Frequency hours
-    %th Start date
-    %th End date
-    %th Active
-    %th Random
-    %th Recipient list
-    %th Question list
-    %th
-    %th
-    %th
-  - @schedules.each do |schedule|
-    %tr
-      %td= schedule.name
-      %td= schedule.description
-      %td= schedule.school.name
-      %td= schedule.frequency_hours
-      %td= schedule.start_date
-      %td= schedule.end_date
-      %td= schedule.active
-      %td= schedule.random
-      %td= schedule.recipient_list.name
-      %td= schedule.question_list.name
-      %td= link_to 'Show', [schedule.school, schedule]
-      %td= link_to 'Edit', edit_school_schedule_path(schedule.school, schedule)
-      %td= link_to 'Destroy', [schedule.school, schedule], :confirm => 'Are you sure?', :method => :delete
-%br/
-= link_to 'New Schedule', new_school_schedule_path(@school)