feat: Unify user and super admin credentials (#3830)

Fixes: #3061, #3489

app/controllers/installation/onboarding_controller.rb

@@ -10,6 +10,7 @@ class Installation::OnboardingController < ApplicationController
         user_full_name: onboarding_params.dig(:user, :name),
         email: onboarding_params.dig(:user, :email),
         user_password: params.dig(:user, :password),
+        super_admin: true,
         confirmed: true
       ).perform
     rescue StandardError => e

app/controllers/super_admin/devise/sessions_controller.rb

@@ -8,7 +8,7 @@ class SuperAdmin::Devise::SessionsController < Devise::SessionsController
   def create
     redirect_to(super_admin_session_path, flash: { error: @error_message }) && return unless valid_credentials?
 
-    sign_in(@super_admin, scope: :super_admin)
+    sign_in(:super_admin, @super_admin)
     flash.discard
     redirect_to super_admin_users_path
   end

app/controllers/super_admin/super_admins_controller.rb

@@ -1,44 +0,0 @@
-class SuperAdmin::SuperAdminsController < SuperAdmin::ApplicationController
-  # Overwrite any of the RESTful controller actions to implement custom behavior
-  # For example, you may want to send an email after a foo is updated.
-  #
-  # def update
-  #   super
-  #   send_foo_updated_email(requested_resource)
-  # end
-
-  # Override this method to specify custom lookup behavior.
-  # This will be used to set the resource for the `show`, `edit`, and `update`
-  # actions.
-  #
-  # def find_resource(param)
-  #   Foo.find_by!(slug: param)
-  # end
-
-  # The result of this lookup will be available as `requested_resource`
-
-  # Override this if you have certain roles that require a subset
-  # this will be used to set the records shown on the `index` action.
-  #
-  # def scoped_resource
-  #   if current_user.super_admin?
-  #     resource_class
-  #   else
-  #     resource_class.with_less_stuff
-  #   end
-  # end
-
-  # Override `resource_params` if you want to transform the submitted
-  # data before it's persisted. For example, the following would turn all
-  # empty values into nil values. It uses other APIs such as `resource_class`
-  # and `dashboard`:
-  #
-  # def resource_params
-  #   params.require(resource_class.model_name.param_key).
-  #     permit(dashboard.permitted_attributes).
-  #     transform_values { |value| value == "" ? nil : value }
-  # end
-
-  # See https://administrate-prototype.herokuapp.com/customizing_controller_actions
-  # for more information
-end

app/controllers/super_admin/users_controller.rb

@@ -33,12 +33,15 @@ class SuperAdmin::UsersController < SuperAdmin::ApplicationController
   # empty values into nil values. It uses other APIs such as `resource_class`
   # and `dashboard`:
   #
-  # def resource_params
-  #   params.require(resource_class.model_name.param_key).
-  #     permit(dashboard.permitted_attributes).
-  #     transform_values { |value| value == "" ? nil : value }
-  # end
+  def resource_params
+    permitted_params = super
+    permitted_params.delete(:password) if permitted_params[:password].blank?
+    permitted_params
+  end
 
   # See https://administrate-prototype.herokuapp.com/customizing_controller_actions
   # for more information
+  def find_resource(param)
+    super.becomes(User)
+  end
 end