<%= form_with(model: [:admin, user], class: "space-y-6") do |form| %> <% if user.errors.any? %>

<%= pluralize(user.errors.count, "error") %> prohibited this user from being saved:

    <% user.errors.full_messages.each do |message| %>
  • <%= message %>
    • <% end %>
<% end %>
<%= form.label :email_address, class: "block text-sm font-medium text-gray-700" %> <%= form.email_field :email_address, required: true, class: "mt-1 block w-full rounded-md border-gray-300 shadow-sm focus:border-blue-500 focus:ring-blue-500 sm:text-sm", placeholder: "user@example.com" %>
<%= form.label :password, class: "block text-sm font-medium text-gray-700" %> <%= form.password_field :password, class: "mt-1 block w-full rounded-md border-gray-300 shadow-sm focus:border-blue-500 focus:ring-blue-500 sm:text-sm", placeholder: user.persisted? ? "Leave blank to keep current password" : "Enter password" %> <% if user.persisted? %>

Leave blank to keep the current password

<% else %>

Leave blank to generate a random password

<% end %>
<%= form.label :status, class: "block text-sm font-medium text-gray-700" %> <%= form.select :status, User.statuses.keys.map { |s| [s.titleize, s] }, {}, class: "mt-1 block w-full rounded-md border-gray-300 shadow-sm focus:border-blue-500 focus:ring-blue-500 sm:text-sm" %>
<%= form.check_box :admin, class: "h-4 w-4 rounded border-gray-300 text-blue-600 focus:ring-blue-500", disabled: (user == Current.session.user) %> <%= form.label :admin, "Administrator", class: "ml-2 block text-sm text-gray-900" %> <% if user == Current.session.user %> (Cannot change your own admin status) <% end %>
<%= form.label :custom_claims, "Custom Claims (JSON)", class: "block text-sm font-medium text-gray-700" %> <%= form.text_area :custom_claims, value: (user.custom_claims.present? ? JSON.pretty_generate(user.custom_claims) : ""), rows: 8, class: "mt-1 block w-full rounded-md border-gray-300 shadow-sm focus:border-blue-500 focus:ring-blue-500 sm:text-sm font-mono", placeholder: '{"department": "engineering", "level": "senior"}' %>

Optional: User-specific custom claims to add to OIDC tokens. These override group-level claims.

<%= form.submit user.persisted? ? "Update User" : "Create User", class: "rounded-md bg-blue-600 px-3 py-2 text-sm font-semibold text-white shadow-sm hover:bg-blue-500 focus-visible:outline focus-visible:outline-2 focus-visible:outline-offset-2 focus-visible:outline-blue-600" %> <%= link_to "Cancel", admin_users_path, class: "rounded-md bg-white px-3 py-2 text-sm font-semibold text-gray-900 shadow-sm ring-1 ring-inset ring-gray-300 hover:bg-gray-50" %>
<% end %>