I forgot to commit

app/assets/javascripts/dashboard.coffee

@@ -0,0 +1,3 @@
+# Place all the behaviors and hooks related to the matching controller here.
+# All this logic will automatically be available in application.js.
+# You can use CoffeeScript in this file: http://coffeescript.org/

app/assets/stylesheets/application.scss

@@ -16,6 +16,9 @@
 @import "bootstrap-sprockets";
 @import "bootstrap";
 
+@import "font-awesome-sprockets";
+@import "font-awesome";
+
 /* Horizontally distribute ul items.
  *
  * Adapted from the following StackOverflow answer:
@@ -47,3 +50,8 @@ ul.hdis li {
     top: 1.25em;
 }
 /* End of CC-BY-SA code. */
+
+/* Don't overlap with the menu. */
+body {
+  padding-top: 70px;
+}

app/assets/stylesheets/dashboard.scss

@@ -0,0 +1,3 @@
+// Place all the styles related to the Dashboard controller here.
+// They will automatically be included in application.css.
+// You can use Sass (SCSS) here: http://sass-lang.com/

app/assets/stylesheets/void.scss

@@ -1,4 +1,4 @@
-body {
+body.void {
 	padding-top: 		40px;
 	padding-bottom: 	40px;
 	background-color: 	#eee;

app/controllers/authentication_controller.rb

@@ -6,6 +6,7 @@ class AuthenticationController < ApplicationController
   def login
     if params[:session][:email].blank? || params[:session][:password].blank?
       flash[:warning] = "You forgot to add value"
+      redirect_to action: 'login_form'
     else
       u = User.find_by(email: params[:session][:email])
 
@@ -13,12 +14,21 @@ class AuthenticationController < ApplicationController
         log_in(u, params[:session][:remember_me].to_i)
 
         flash[:success] = "Hello, #{u.person.full_name}!"
+        redirect_to dashboard_home_path
       else
         flash[:danger] = "Invalid username/password combination!"
+        redirect_to action: 'login_form'
       end
     end
+  end
+
+  def logout_form
+    render layout: 'void'
+  end
 
-    redirect_to action: 'login_form'
+  def logout
+    log_out
+    redirect_to login_path
   end
 
   def create_password_form

app/controllers/dashboard_controller.rb

@@ -0,0 +1,8 @@
+class DashboardController < ApplicationController
+  before_action :require_login!
+
+  def home
+    @user_organized = current_person.activities.where(is_organizer: true)
+    @need_response = current_person.activities.includes(:participants)
+  end
+end

app/controllers/groups_controller.rb

@@ -0,0 +1,82 @@
+class GroupsController < ApplicationController
+  include GroupsHelper
+  before_action :require_admin!, only: [:index]
+  before_action :require_membership!, only: [:show]
+  before_action :require_leader!, only: [:edit, :update, :destroy]
+  before_action :set_group, only: [:show, :edit, :update, :destroy]
+
+  # GET /groups
+  # GET /groups.json
+  def index
+    @groups = Group.all
+  end
+
+  def user_groups
+    @groups = current_person.groups
+  end
+
+  # GET /groups/1
+  # GET /groups/1.json
+  def show
+  end
+
+  # GET /groups/new
+  def new
+    @group = Group.new
+  end
+
+  # GET /groups/1/edit
+  def edit
+  end
+
+  # POST /groups
+  # POST /groups.json
+  def create
+    @group = Group.new(group_params)
+
+    respond_to do |format|
+      if @group.save
+        format.html { redirect_to @group, notice: 'Group was successfully created.' }
+        format.json { render :show, status: :created, location: @group }
+      else
+        format.html { render :new }
+        format.json { render json: @group.errors, status: :unprocessable_entity }
+      end
+    end
+  end
+
+  # PATCH/PUT /groups/1
+  # PATCH/PUT /groups/1.json
+  def update
+    respond_to do |format|
+      if @group.update(group_params)
+        format.html { redirect_to @group, notice: 'Group was successfully updated.' }
+        format.json { render :show, status: :ok, location: @group }
+      else
+        format.html { render :edit }
+        format.json { render json: @group.errors, status: :unprocessable_entity }
+      end
+    end
+  end
+
+  # DELETE /groups/1
+  # DELETE /groups/1.json
+  def destroy
+    @group.destroy
+    respond_to do |format|
+      format.html { redirect_to groups_url, notice: 'Group was successfully destroyed.' }
+      format.json { head :no_content }
+    end
+  end
+
+  private
+    # Use callbacks to share common setup or constraints between actions.
+    def set_group
+      @group = Group.find(params[:id])
+    end
+
+    # Never trust parameters from the scary internet, only allow the white list through.
+    def group_params
+      params.fetch(:group, {})
+    end
+end

app/controllers/members_controller.rb

@@ -0,0 +1,86 @@
+class MembersController < ApplicationController
+  include GroupsHelper
+  before_action :set_group
+  before_action :set_member, only: [:show, :edit, :update, :destroy]
+  before_action :require_leader!
+
+  # GET /members
+  # GET /members.json
+  def index
+    @members = Member.all
+  end
+
+  # GET /members/1
+  # GET /members/1.json
+  def show
+  end
+
+  # GET /members/new
+  def new
+    @member = Member.new
+    @possible_members = Person.where.not(id: @group.person_ids)
+  end
+
+  # GET /members/1/edit
+  def edit
+    @possible_members = Person.where.not(id: @group.person_ids)
+  end
+
+  # POST /members
+  # POST /members.json
+  def create
+    @member = Member.new(member_params)
+    @member.group = @group
+
+    respond_to do |format|
+      if @member.save
+        format.html { redirect_to group_member_url(@group, @member), notice: 'Member was successfully created.' }
+        format.json { render :show, status: :created, location: @member }
+      else
+        @possible_members = Person.where.not(id: @group.person_ids)
+        format.html { render :new }
+        format.json { render json: @member.errors, status: :unprocessable_entity }
+      end
+    end
+  end
+
+  # PATCH/PUT /members/1
+  # PATCH/PUT /members/1.json
+  def update
+    respond_to do |format|
+      if @member.update(member_params)
+        format.html { redirect_to group_member_url(@group, @member), notice: 'Member was successfully updated.' }
+        format.json { render :show, status: :ok, location: @member }
+      else
+        @possible_members = Person.where.not(id: @group.person_ids)
+        format.html { render :edit }
+        format.json { render json: @member.errors, status: :unprocessable_entity }
+      end
+    end
+  end
+
+  # DELETE /members/1
+  # DELETE /members/1.json
+  def destroy
+    @member.destroy
+    respond_to do |format|
+      format.html { redirect_to group_members_url(@group), notice: 'Member was successfully destroyed.' }
+      format.json { head :no_content }
+    end
+  end
+
+  private
+    # Use callbacks to share common setup or constraints between actions.
+    def set_member
+      @member = Member.find(params[:id])
+    end
+
+    def set_group
+      @group = Group.find(params[:group_id])
+    end
+
+    # Never trust parameters from the scary internet, only allow the white list through.
+    def member_params
+      params.require(:member).permit(:person_id, :is_leader)
+    end
+end

app/controllers/people_controller.rb

@@ -0,0 +1,90 @@
+class PeopleController < ApplicationController
+  before_action :set_person, only: [:show, :edit, :update, :destroy]
+  before_action :require_login!
+  before_action :require_admin!, except: [:show]
+
+  # GET /people
+  # GET /people.json
+  def index
+    @people = Person.all
+  end
+
+  # GET /people/1
+  # GET /people/1.json
+  def show
+    if @person != current_person
+      require_admin!
+    end
+  end
+
+  # GET /people/new
+  def new
+    @person = Person.new
+  end
+
+  # GET /people/1/edit
+  def edit
+  end
+
+  # POST /people
+  # POST /people.json
+  def create
+    @person = Person.new(person_params)
+
+    respond_to do |format|
+      if @person.save
+        format.html do
+          flash[:success] = "Person was successfully created."
+          redirect_to @person
+        end
+        format.json { render :show, status: :created, location: @person }
+      else
+        format.html { render :new }
+        format.json { render json: @person.errors, status: :unprocessable_entity }
+      end
+    end
+  end
+
+  # PATCH/PUT /people/1
+  # PATCH/PUT /people/1.json
+  def update
+    respond_to do |format|
+      if @person.update(person_params)
+        format.html do
+          flash[:success] = "Person was successfully updated."
+          redirect_to @person
+        end
+
+        format.json { render :show, status: :ok, location: @person }
+      else
+        format.html { render :edit }
+        format.json { render json: @person.errors, status: :unprocessable_entity }
+      end
+    end
+  end
+
+  # DELETE /people/1
+  # DELETE /people/1.json
+  def destroy
+    @person.destroy
+    respond_to do |format|
+      format.html do
+        flash[:success] = 'Person was successfully destroyed.'
+        redirect_to people_url
+      end
+
+      format.json { head :no_content }
+    end
+  end
+
+  private
+    # Use callbacks to share common setup or constraints between actions.
+    def set_person
+      @person = Person.find(params[:id])
+    end
+
+    # Never trust parameters from the scary internet, only allow the white list through.
+    def person_params
+      params.require(:person).permit(:first_name, :infix, :last_name, :email, :birth_date, :is_admin)
+    end
+end

app/helpers/authentication_helper.rb

@@ -1,4 +1,5 @@
 module AuthenticationHelper
+  # Create a new Session and set the relevant cookies.
   def log_in(user, remember, new=true)
     reset_session
 
@@ -9,8 +10,14 @@ module AuthenticationHelper
     if new
       if remember == 1
         token = Session.new_token
-        cookies.signed.permanent[:remember_token] = token
-        cookies.signed.permanent[:user_id] = user.id
+        cookies.signed.permanent[:remember_token] = {
+          value: token,
+          httponly: true
+        }
+        cookies.signed.permanent[:user_id] = {
+          value: user.id,
+          httponly: true
+        }
       else
         token = nil
       end
@@ -21,11 +28,30 @@ module AuthenticationHelper
         remember_digest: token ? Session.digest(token) : nil
       )
       if remember
-        cookies.signed.permanent[:session_id] = s.id
+        cookies.signed.permanent[:session_id] = {
+          value: s.id,
+          httponly: true
+        }
       end
     end
   end
 
+  # Determine whether the user is logged in, and if so, disable the Session, then flush session cookies.
+  def log_out
+    if is_logged_in?
+      get_user_session
+
+      @user_session.update!(active: false)
+    end
+
+    cookies.delete(:user_id)
+    cookies.delete(:remember_token)
+    cookies.delete(:session_id)
+    reset_session
+  end
+
+  # Determine whether the current request is from a user with a non-expired session.
+  # Makes @user_session available as a side effect if the user is not.
   def is_logged_in?
     # Case 1: User has an active session inside the cookie.
     # We verify that the session hasn't expired yet.
@@ -39,16 +65,16 @@ module AuthenticationHelper
       if cookies.signed.permanent[:remember_token] && cookies.signed.permanent[:user_id] &&
           cookies.signed.permanent[:session_id]
 
-        s = Session.find_by(
-          id: cookies.signed.permanent[:session_id]
-        )
-        if s.nil? || s.remember_digest.nil?
+        get_user_session
+
+        if @user_session.nil? || @user_session.remember_digest.nil?
           return false
         end
 
         session_password = BCrypt::Password.new s.remember_digest
 
-        if s.expires > DateTime.now && session_password == cookies.signed.permanent[:remember_token]
+        if @user_session.expires > DateTime.now &&
+            session_password == cookies.signed.permanent[:remember_token]
           log_in s.user, false, false
           return true
         end
@@ -57,8 +83,40 @@ module AuthenticationHelper
       end
 
     return false
+    end
+  end
+
+  # Get the Session object representing the current user's session.
+  def get_user_session
+    if @user_session
+      @user_session
+    else
+      @user_session ||= Session.find_by(
+        id: cookies.signed.permanent[:session_id]
+      )
+    end
+  end
+
+  def current_user
+    get_user_session
+    @user_session.user
+  end
+
+  def current_person
+    current_user.person
+  end
 
+  def require_login!
+    if !is_logged_in?
+      flash[:warning] = "You need to be logged in to do that."
+      redirect_to controller: 'authentication', action: 'login_form'
     end
   end
 
+  def require_admin!
+    if !current_person.is_admin?
+      flash[:danger] = "You need to be an administrator to do that."
+      redirect_to '/dashboard'
+    end
+  end
 end

app/helpers/dashboard_helper.rb

@@ -0,0 +1,2 @@
+module DashboardHelper
+end

app/helpers/groups_helper.rb

@@ -0,0 +1,19 @@
+module GroupsHelper
+  def require_membership!
+    require_login!
+    if !(Member.exists?(group: @group, person: current_person) || current_person.is_admin?)
+      flash[:danger] = "You need to be a member of that group to do that."
+      redirect_to dashboard_url
+    end
+  end
+
+  def require_leader!
+    require_login!
+
+    if !(Member.exists?(group: @group, is_leader: true, person: current_person) ||
+         current_person.is_admin?)
+      flash[:danger] = "You need to be a group leader to do that."
+      redirect_to dashboard_url
+    end
+  end
+end

app/helpers/members_helper.rb

@@ -0,0 +1,2 @@
+module MembersHelper
+end

app/helpers/people_helper.rb

@@ -0,0 +1,2 @@
+module PeopleHelper
+end

app/models/activity.rb

@@ -1,3 +1,6 @@
 class Activity < ApplicationRecord
   belongs_to :group
+
+  has_many :participants
+  has_many :people, through: :participants
 end

app/models/group.rb

@@ -1,2 +1,10 @@
 class Group < ApplicationRecord
+  has_many :members
+  has_many :people, through: :members
+
+  has_many :activities
+
+  def leaders
+    self.members.where(is_leader: true)
+  end
 end

app/models/person.rb

@@ -1,10 +1,13 @@
 class Person < ApplicationRecord
   has_one :user
+  has_many :members
+  has_many :participants
+  has_many :groups, through: :members
+  has_many :activities, through: :participants
 
   validates :email, presence: true, uniqueness: true
   validates :first_name, presence: true
   validates :last_name, presence: true
-  validates :is_admin, presence: true
 
   validate :birth_date_cannot_be_in_future
 
@@ -19,9 +22,17 @@ class Person < ApplicationRecord
     end
   end
 
+  def reversed_name
+    if self.infix
+      [self.last_name, self.infix, self.first_name].join(', ')
+    else
+      [self.last_name, self.first_name].join(', ')
+    end
+  end
+
   private
   def birth_date_cannot_be_in_future
-    if self.birth_date > Date.today
+    if self.birth_date && self.birth_date > Date.today
       errors.add(:birth_date, "can't be in the future.")
     end
   end

app/views/dashboard/home.html.haml

@@ -0,0 +1,53 @@
+.container
+  .row
+    - if @need_response.any?
+      .col-md.12
+        .panel.panel-default
+          .panel-heading
+            Need response
+
+          .panel-body
+            %table.table.table-bordered
+              %thead
+                %tr
+                  %th
+                    Name
+                  %th
+                    Group
+                  %th
+                    When
+                  %th
+                    Where
+                  %th
+                    Actions
+
+              %tbody
+                - @need_response.each do |e|
+                  %tr
+                    %td
+                      - if e.secret_name && e.participants.first.is_organizer
+                        = e.secret_name
+                      = e.public_name
+                    %td
+                      = e.group.name
+                    %td
+                      = e.start
+                    %td
+                      = e.location
+                    %td
+    .col-md-6
+      .panel.panel-default
+        .panel-heading
+          Groups
+
+        .panel-body
+          %table.table.table-bordered
+            %tbody
+              - current_person.groups.each do |group|
+                %tr
+                  %td
+                    = link_to group do
+                      = group.name
+
+    .col-md-6
+      TODO

app/views/groups/_form.html.erb

@@ -0,0 +1,17 @@
+<%= form_for(group) do |f| %>
+  <% if group.errors.any? %>
+    <div id="error_explanation">
+      <h2><%= pluralize(group.errors.count, "error") %> prohibited this group from being saved:</h2>
+
+      <ul>
+      <% group.errors.full_messages.each do |message| %>
+        <li><%= message %></li>
+      <% end %>
+      </ul>
+    </div>
+  <% end %>
+
+  <div class="actions">
+    <%= f.submit %>
+  </div>
+<% end %>

app/views/groups/_group.json.jbuilder

@@ -0,0 +1,2 @@
+json.extract! group, :id, :created_at, :updated_at
+json.url group_url(group, format: :json)

app/views/groups/edit.html.erb

@@ -0,0 +1,6 @@
+<h1>Editing Group</h1>
+
+<%= render 'form', group: @group %>
+
+<%= link_to 'Show', @group %> |
+<%= link_to 'Back', groups_path %>

app/views/groups/index.html.erb

@@ -0,0 +1,28 @@
+<p id="notice"><%= notice %></p>
+
+<h1>Groups</h1>
+
+<table class="table">
+  <thead>
+    <tr>
+      <th>Name</th>
+      <th>Members</th>
+      <th>Events</th>
+      <th colspan="2">Actions</th>
+    </tr>
+  </thead>
+
+  <tbody>
+    <% @groups.each do |group| %>
+      <tr>
+        <td><%= link_to group.name, group %></td>
+        <td><%= link_to 'Edit', edit_group_path(group) %></td>
+        <td><%= link_to 'Destroy', group, method: :delete, data: { confirm: 'Are you sure?' } %></td>
+      </tr>
+    <% end %>
+  </tbody>
+</table>
+
+<br>
+
+<%= link_to 'New Group', new_group_path %>

app/views/groups/index.json.jbuilder

@@ -0,0 +1 @@
+json.array! @groups, partial: 'groups/group', as: :group

app/views/groups/new.html.erb

@@ -0,0 +1,5 @@
+<h1>New Group</h1>
+
+<%= render 'form', group: @group %>
+
+<%= link_to 'Back', groups_path %>

app/views/groups/show.html.erb

@@ -0,0 +1,26 @@
+<h2><%= @group.name %></h2>
+
+<h3>Members</h3>
+<ul>
+  <% @group.members.each do |m| %>
+    <li>
+      <% if m.is_leader %>
+        <i class="fa fa-angle-up"></i>
+      <% end %>
+      <%= m.person.full_name %>
+    </li>
+  <% end %>
+</ul>
+<%= link_to 'Manage members', group_members_path(@group) %>
+
+<h3>Events</h3>
+<ul>
+  <% @group.activities.each do |e| %>
+    <li>
+      <%= e.public_name %>
+    </li>
+  <% end %>
+</ul>
+
+<%= link_to 'Edit', edit_group_path(@group) %> |
+<%= link_to 'Back', groups_path %>

app/views/groups/show.json.jbuilder

@@ -0,0 +1 @@
+json.partial! "groups/group", group: @group

app/views/groups/user_groups.html.haml

@@ -0,0 +1,10 @@
+.container
+  %h1
+    My groups
+
+  %table.table.table-striped
+    %tbody
+      - @groups.each do |g|
+        %tr
+          %td
+            = link_to g.name, g

app/views/layouts/application.html.erb

@@ -9,6 +9,10 @@
   </head>
 
   <body>
-    <%= yield %>
+    <%= render 'shared/menu' %>
+    <%= render 'shared/alerts' %>
+    <div class="container">
+      <%= yield %>
+    </div>
   </body>
 </html>

app/views/members/_form.html.erb

@@ -0,0 +1,19 @@
+<%= form_for([@group, member]) do |f| %>
+  <% if member.errors.any? %>
+    <div id="error_explanation">
+      <h2><%= pluralize(member.errors.count, "error") %> prohibited this member from being saved:</h2>
+
+      <ul>
+      <% member.errors.full_messages.each do |message| %>
+        <li><%= message %></li>
+      <% end %>
+      </ul>
+    </div>
+  <% end %>
+
+  <div class="actions">
+    <%= f.collection_select(:person_id, @possible_members, :id, :full_name, prompt: true) %>
+    <%= f.check_box :is_leader %> Beheerder
+    <%= f.submit %>
+  </div>
+<% end %>

app/views/members/_member.json.jbuilder

@@ -0,0 +1,2 @@
+json.extract! member, :id, :created_at, :updated_at
+json.url member_url(member, format: :json)

app/views/members/edit.html.erb

@@ -0,0 +1,6 @@
+<h1>Editing Member</h1>
+
+<%= render 'form', member: @member %>
+
+<%= link_to 'Show', group_member_path(@group, @member) %> |
+<%= link_to 'Back', group_members_path(@group) %>

app/views/members/index.html.erb

@@ -0,0 +1,25 @@
+<p id="notice"><%= notice %></p>
+
+<h1>Members</h1>
+
+<table>
+  <thead>
+    <tr>
+      <th colspan="3"></th>
+    </tr>
+  </thead>
+
+  <tbody>
+    <% @members.each do |member| %>
+      <tr>
+        <td><%= link_to member.person.full_name, group_member_path(@group, member) %></td>
+        <td><%= link_to 'Edit', edit_group_member_path(@group, member) %></td>
+        <td><%= link_to 'Destroy', group_member_path(@group, member), method: :delete, data: { confirm: 'Are you sure?' } %></td>
+      </tr>
+    <% end %>
+  </tbody>
+</table>
+
+<br>
+
+<%= link_to 'New Member', new_group_member_path(@group) %>

app/views/members/index.json.jbuilder

@@ -0,0 +1 @@
+json.array! @members, partial: 'members/member', as: :member

app/views/members/new.html.erb

@@ -0,0 +1,5 @@
+<h1>Add member to <%= @group.name %></h1>
+
+<%= render 'form', member: @member %>
+
+<%= link_to 'Back', group_members_path(@group) %>

app/views/members/show.html.erb

@@ -0,0 +1,5 @@
+<p id="notice"><%= notice %></p>
+
+<%= @member.person.full_name %> is lid van <%= @group.name %>.
+<%= link_to 'Edit', edit_group_member_path(@group, @member) %> |
+<%= link_to 'Back', group_members_path(@group) %>

app/views/members/show.json.jbuilder

@@ -0,0 +1 @@
+json.partial! "members/member", member: @member

app/views/people/_form.html.erb

@@ -0,0 +1,37 @@
+<%= form_for(person) do |f| %>
+  <% if person.errors.any? %>
+    <div id="error_explanation">
+      <h2><%= pluralize(person.errors.count, "error") %> prohibited this person from being saved:</h2>
+
+      <ul>
+      <% person.errors.full_messages.each do |message| %>
+        <li><%= message %></li>
+      <% end %>
+      </ul>
+    </div>
+  <% end %>
+
+  <div class="actions">
+    <div class="form-group">
+      <%= f.label :first_name %>
+      <%= f.text_field :first_name, class: 'form-control' %>
+      <%= f.label :infix %>
+      <%= f.text_field :infix, class: 'form-control' %>
+      <%= f.label :last_name %>
+      <%= f.text_field :last_name, class: 'form-control' %>
+    </div>
+    <div class="form-group">
+      <%= f.label :email %>
+      <%= f.email_field :email, class: 'form-control' %>
+    </div>
+    <div class="form-group">
+      <%= f.label :birth_date %>
+      <%= f.date_field :birth_date, type: 'date', class: 'form-control' %>
+    </div>
+    <div class="form-group">
+      <%= f.check_box :is_admin %>
+      <%= f.label :is_admin %>
+    </div>
+    <%= f.submit %>
+  </div>
+<% end %>

app/views/people/_person.json.jbuilder

@@ -0,0 +1,2 @@
+json.extract! person, :id, :created_at, :updated_at
+json.url person_url(person, format: :json)

app/views/people/edit.html.erb

@@ -0,0 +1,6 @@
+<h1>Editing Person</h1>
+
+<%= render 'form', person: @person %>
+
+<%= link_to 'Show', @person %> |
+<%= link_to 'Back', people_path %>

app/views/people/index.html.erb

@@ -0,0 +1,26 @@
+<p id="notice"><%= notice %></p>
+
+<h1>People</h1>
+
+<table class="table">
+  <thead>
+    <tr>
+      <th colspan="4"></th>
+    </tr>
+  </thead>
+
+  <tbody>
+    <% @people.each do |person| %>
+      <tr>
+        <td><%= person.full_name %></td>
+        <td><%= link_to 'Show', person %></td>
+        <td><%= link_to 'Edit', edit_person_path(person) %></td>
+        <td><%= link_to 'Destroy', person, method: :delete, data: { confirm: 'Are you sure?' } %></td>
+      </tr>
+    <% end %>
+  </tbody>
+</table>
+
+<br>
+
+<%= link_to 'New Person', new_person_path %>

app/views/people/index.json.jbuilder

@@ -0,0 +1 @@
+json.array! @people, partial: 'people/person', as: :person

app/views/people/new.html.erb

@@ -0,0 +1,5 @@
+<h1>New Person</h1>
+
+<%= render 'form', person: @person %>
+
+<%= link_to 'Back', people_path %>

app/views/people/show.html.erb

@@ -0,0 +1,7 @@
+<h2><%= @person.reversed_name %></h2>
+<ul>
+  <li><%= @person.birth_date %></li>
+  <li><%= @person.email %></li>
+</ul>
+<%= link_to 'Edit', edit_person_path(@person) %> |
+<%= link_to 'Back', people_path %>

app/views/people/show.json.jbuilder

@@ -0,0 +1 @@
+json.partial! "people/person", person: @person

app/views/shared/_alerts.html.haml

@@ -1,4 +1,5 @@
-.alerts
-  - flash.each do |name, msg|
-    %div{class: "alert alert-#{name}"}
-      = msg
+.container
+  .alerts
+    - flash.each do |name, msg|
+      %div{class: "alert alert-#{name}"}
+        = msg

app/views/shared/_menu.html.haml

@@ -0,0 +1,43 @@
+%nav.navbar.navbar-default.navbar-fixed-top
+  .container
+    .navbar-header
+      %button.navbar-toggle.collapsed{type: 'button', data: {toggle: 'collapse', target: '#navbar'}, 'aria-expanded': false, 'aria-controls': 'navbar'}
+        .sr-only
+          inklappen enzo
+        .icon-bar
+        .icon-bar
+        .icon-bar
+      = link_to root_path, class: 'navbar-brand' do
+        Damena
+
+    .navbar-collapse.collapse#navbar
+      %ul.nav.navbar-nav
+        %li
+          = link_to root_path do
+            %i.fa.fa-home{'aria-hidden': true}
+            Home
+
+        %li
+          = link_to user_groups_path do
+            %i.fa.fa-users{'aria-hidden': true}
+            Groups
+
+        - if current_person.is_admin?
+          %li
+            = link_to people_path do
+              %i.fa.fa-user{'aria-hidden': true}
+              People
+
+          %li
+            = link_to groups_path do
+              %i.fa.fa-users{'aria-hidden': true}
+              All groups
+
+      %ul.nav.navbar-nav.navbar-right
+        %li
+          = link_to current_person do
+            = current_person.full_name
+        %li
+          = link_to logout_path, confirm: "Really log out?", method: :delete do
+            %i.fa.fa-sign-out{'aria-hidden': true}
+            Log out

config/routes.rb

@@ -1,5 +1,9 @@
 Rails.application.routes.draw do
-  get  'login', to: 'authentication#login_form'
+  get 'dashboard/home'
+
+  root to: 'dashboard#home'
+
+  get  'login', to: 'authentication#login_form', as: :login
   post 'login', to: 'authentication#login'
 
   get  'register', to: 'authentication#create_password_form'
@@ -8,7 +12,15 @@ Rails.application.routes.draw do
   get  'forgot', to: 'authentication#forgotten_password_form'
   post 'forgot', to: 'authentication#forgotten_password'
 
-  get 'logintest', to: 'authentication#login_status'
+  get 'logout', to: 'authentication#logout_confirm'
+  delete 'logout', to: 'authentication#logout'
+
+  resources :people
+
+  resources :groups do
+    resources :members
+  end
+  get 'my_groups', to: 'groups#user_groups', as: :user_groups
 
   # For details on the DSL available within this file, see http://guides.rubyonrails.org/routing.html
 end

test/controllers/dashboard_controller_test.rb

@@ -0,0 +1,9 @@
+require 'test_helper'
+
+class DashboardControllerTest < ActionDispatch::IntegrationTest
+  test "should get home" do
+    get dashboard_home_url
+    assert_response :success
+  end
+
+end

test/controllers/groups_controller_test.rb

@@ -0,0 +1,48 @@
+require 'test_helper'
+
+class GroupsControllerTest < ActionDispatch::IntegrationTest
+  setup do
+    @group = groups(:one)
+  end
+
+  test "should get index" do
+    get groups_url
+    assert_response :success
+  end
+
+  test "should get new" do
+    get new_group_url
+    assert_response :success
+  end
+
+  test "should create group" do
+    assert_difference('Group.count') do
+      post groups_url, params: { group: {  } }
+    end
+
+    assert_redirected_to group_url(Group.last)
+  end
+
+  test "should show group" do
+    get group_url(@group)
+    assert_response :success
+  end
+
+  test "should get edit" do
+    get edit_group_url(@group)
+    assert_response :success
+  end
+
+  test "should update group" do
+    patch group_url(@group), params: { group: {  } }
+    assert_redirected_to group_url(@group)
+  end
+
+  test "should destroy group" do
+    assert_difference('Group.count', -1) do
+      delete group_url(@group)
+    end
+
+    assert_redirected_to groups_url
+  end
+end

test/controllers/members_controller_test.rb

@@ -0,0 +1,48 @@
+require 'test_helper'
+
+class MembersControllerTest < ActionDispatch::IntegrationTest
+  setup do
+    @member = members(:one)
+  end
+
+  test "should get index" do
+    get members_url
+    assert_response :success
+  end
+
+  test "should get new" do
+    get new_member_url
+    assert_response :success
+  end
+
+  test "should create member" do
+    assert_difference('Member.count') do
+      post members_url, params: { member: {  } }
+    end
+
+    assert_redirected_to member_url(Member.last)
+  end
+
+  test "should show member" do
+    get member_url(@member)
+    assert_response :success
+  end
+
+  test "should get edit" do
+    get edit_member_url(@member)
+    assert_response :success
+  end
+
+  test "should update member" do
+    patch member_url(@member), params: { member: {  } }
+    assert_redirected_to member_url(@member)
+  end
+
+  test "should destroy member" do
+    assert_difference('Member.count', -1) do
+      delete member_url(@member)
+    end
+
+    assert_redirected_to members_url
+  end
+end

test/controllers/people_controller_test.rb

@@ -0,0 +1,48 @@
+require 'test_helper'
+
+class PeopleControllerTest < ActionDispatch::IntegrationTest
+  setup do
+    @person = people(:one)
+  end
+
+  test "should get index" do
+    get people_url
+    assert_response :success
+  end
+
+  test "should get new" do
+    get new_person_url
+    assert_response :success
+  end
+
+  test "should create person" do
+    assert_difference('Person.count') do
+      post people_url, params: { person: {  } }
+    end
+
+    assert_redirected_to person_url(Person.last)
+  end
+
+  test "should show person" do
+    get person_url(@person)
+    assert_response :success
+  end
+
+  test "should get edit" do
+    get edit_person_url(@person)
+    assert_response :success
+  end
+
+  test "should update person" do
+    patch person_url(@person), params: { person: {  } }
+    assert_redirected_to person_url(@person)
+  end
+
+  test "should destroy person" do
+    assert_difference('Person.count', -1) do
+      delete person_url(@person)
+    end
+
+    assert_redirected_to people_url
+  end
+end