ModelModal now grants real ultimate power.

app/templates/account/profile.jade

@@ -43,7 +43,9 @@ block content
             i.icon-eye-close
             span(data-i18n='account_profile.not_featured') Not Featured
       if me.isAdmin() && !myProfile
-        button.btn.edit-settings-button#enter-espionage-mode 007
+        button.btn#enter-espionage-mode 007
+      if me.isAdmin()
+        button.btn#open-model-modal Raw
 
   if profile && allowedToViewJobProfile
     div(class="job-profile-container" + (editing ? " editable-profile" : ""))

app/templates/modal/model.jade

@@ -4,6 +4,8 @@ block modal-header
 
 block modal-body-content
   for model in models
+    .model-container(data-model-id=model.id)
       h3= model.type() + ': ' + model.id
       .model-treema(data-model-id=model.id)
+      btn.btn.btn-success.save-model(data-i18n="common.save") Save
     hr

app/views/account/profile_view.coffee

@@ -8,6 +8,7 @@ JobProfileContactView = require 'views/modal/job_profile_contact_modal'
 JobProfileView = require 'views/account/job_profile_view'
 UserRemark = require 'models/UserRemark'
 forms = require 'lib/forms'
+ModelModal = require 'views/modal/model_modal'
 
 class LevelSessionsCollection extends CocoCollection
   url: -> "/db/user/#{@userID}/level.sessions/employer"
@@ -37,6 +38,7 @@ module.exports = class ProfileView extends View
     'click #save-notes-button': 'onJobProfileNotesChanged'
     'click #contact-candidate': 'onContactCandidate'
     'click #enter-espionage-mode': 'enterEspionageMode'
+    'click #open-model-modal': 'openModelModal'
     'click .editable-profile .profile-photo': 'onEditProfilePhoto'
     'click .editable-profile .project-image': 'onEditProjectImage'
     'click .editable-profile .editable-display': 'onEditSection'
@@ -340,6 +342,9 @@ module.exports = class ProfileView extends View
   espionageSuccess: (model) ->
     window.location.reload()
 
+  openModelModal: (e) ->
+    @openModalView new ModelModal models: [@user]
+
   onJobProfileNotesChanged: (e) =>
     notes = @$el.find("#job-profile-notes").val()
     @user.set 'jobProfileNotes', notes

app/views/modal/model_modal.coffee

@@ -6,6 +6,8 @@ module.exports = class ModelModal extends View
   template: template
   plain: true
 
+  events: 'click .save-model': 'onSaveModel'
+
   constructor: (options) ->
     super options
     @models = options.models
@@ -20,6 +22,7 @@ module.exports = class ModelModal extends View
 
   afterRender: ->
     return unless @supermodel.finished()
+    @modelTreemas = {}
     for model in @models
       data = $.extend true, {}, model.attributes
       schema = $.extend true, {}, model.schema()
@@ -31,6 +34,7 @@ module.exports = class ModelModal extends View
       modelTreema?.build()
       modelTreema?.open()
       @openTastyTreemas modelTreema, model
+      @modelTreemas[model.id] = modelTreema
 
   openTastyTreemas: (modelTreema, model) ->
     # To save on quick inspection, let's auto-open the properties we're most likely to want to see.
@@ -45,3 +49,26 @@ module.exports = class ModelModal extends View
         }[team]
         for dessert in desserts
           child.childrenTreemas[dessert]?.open()
+
+  onSaveModel: (e) ->
+    container = $(e.target).closest('.model-container')
+    model = _.find @models, id: container.data('model-id')
+    treema = @modelTreemas[model.id]
+    changes = {}
+    for key, val of treema.data when not _.isEqual val, model.get key
+      console.log "Updating", key, "from", model.get(key), "to", val
+      model.set key, val
+      changes[key] = val
+    for key, val of model.attributes when treema.get(key) is undefined and not _.string.startsWith key, '_'
+      console.log "Deleting", key, "which was", val, "but man, that ain't going to work, now is it?"
+      #changes[key] = undefined
+      model.unset key
+    if errors = model.validate()
+      return console.warn model, "failed validation with errors:", errors
+    res = model.save changes, {patch: true}
+    res.error =>
+      return if @destroyed
+      console.error model, "failed to save with error:", res.responseText
+    res.success (model, response, options) =>
+      return if @destroyed
+      @hide()

server/users/user_handler.coffee

@@ -24,7 +24,7 @@ candidateProperties = [
 
 UserHandler = class UserHandler extends Handler
   modelClass: User
-
+  jsonSchema: schema
   editableProperties: [
     'name', 'photoURL', 'password', 'anonymous', 'wizardColor1', 'volume',
     'firstName', 'lastName', 'gender', 'facebookID', 'gplusID', 'emails',
@@ -32,15 +32,11 @@ UserHandler = class UserHandler extends Handler
     'wizard', 'aceConfig', 'autocastDelay', 'lastLevel', 'jobProfile'
   ]
 
-  jsonSchema: schema
-
-  constructor: ->
-    super(arguments...)
-    @editableProperties.push('permissions') unless config.isProduction
-
   getEditableProperties: (req, document) ->
     props = super req, document
-    props.push 'jobProfileApproved', 'jobProfileNotes' if req.user.isAdmin()
+    props.push 'permissions' unless config.isProduction
+    props.push 'jobProfileApproved', 'jobProfileNotes' if req.user.isAdmin()  # Admins naturally edit these
+    props.push privateProperties... if req.user.isAdmin()  # Admins are mad with power
     props
 
   formatEntity: (req, document) ->
@@ -344,7 +340,7 @@ UserHandler = class UserHandler extends Handler
 
   getEmployers: (req, res) ->
     return @sendUnauthorizedError(res) unless req.user.isAdmin()
-    query = {employerAt: {$exists: true}}
+    query = {employerAt: {$exists: true, $ne: ''}}
     selection = 'name firstName lastName email activity signedEmployerAgreement photoURL employerAt'
     User.find(query).select(selection).lean().exec (err, documents) =>
       return @sendDatabaseError res, err if err