Move status checking to model

app/controllers/application_controller.rb

@@ -1,17 +1,19 @@
 class ApplicationController < ActionController::Base
-  helper_method :current_user_at_least
-
   before_action :authenticate_user!
 
   class AccessForbidden < StandardError
   end
 
-  def current_user_at_least(status)
-    User.statuses[current_user.status] >= User.statuses[status]
-  end
-
   protected
 
+  def after_sign_in_path_for(scope)
+    if current_user.at_least(:admin)
+      users_path
+    else
+      edit_user_registration_path
+    end
+  end
+
   def after_sign_out_path_for(scope)
     new_user_session_path
   end

app/models/user.rb

@@ -10,4 +10,8 @@ class User < ApplicationRecord
     locked: 1,      # disallowed to sign in due to failed logins; maintained by Devise :lockable
     disabled: 0,    # administratively disallowed to sign in
   }, default: :active
+
+  def at_least(status)
+    User.statuses[self.status] >= User.statuses[status]
+  end
 end

app/views/users/index.html.erb

@@ -1,4 +1,4 @@
-<% if current_user_at_least(:admin) %>
+<% if current_user.at_least(:admin) %>
   <table class="items" id="users">
     <tr>
       <th><%= User.human_attribute_name(:email).capitalize %></th>
@@ -9,6 +9,7 @@
     </tr>
     <% @users.each do |user| %>
       <tr>
+        <%# TODO: add user edit link %>
         <td><%= user.email %></td>
         <td><%= user.status %></td>
         <td><%= user.created_at.to_fs(:db_without_sec) %></td>