current_admin to current_user => prep for pundit

2016-09-19 14:25:17 -05:00 · 2016-09-19 14:25:17 -05:00 · 0a69eb578e
commit 0a69eb578e
parent 3c45527a04
7 changed files with 19 additions and 22 deletions
--- a/app/controllers/admin/auth_controller.rb
+++ b/app/controllers/admin/auth_controller.rb
@ -1,16 +1,16 @@
 # frozen_string_literal: true
 module Admin
  class AuthController < AdminController
-    skip_before_action :authorize_admin
+    skip_before_action :authorize_user

    def login
    end

    def auth
-      admin = User.find_by(email: auth_params[:email], role: 'admin')
+      user = User.find_by(email: auth_params[:email])

-      if admin && admin.authenticate(auth_params[:password])
-        session[:user] = admin.to_i
+      if user && user.authenticate(auth_params[:password])
+        session[:user] = user.to_i
        redirect_to admin_path
      else
        redirect_to admin_login_path,
--- a/app/controllers/admin/profile_controller.rb
+++ b/app/controllers/admin/profile_controller.rb
@ -5,11 +5,11 @@ module Admin
    end

    def edit
-      @user = current_admin
+      @user = current_user
    end

    def update
-      @user = current_admin
+      @user = current_user

      if @user.update_attributes(user_params)
        redirect_to admin_profile_path,
--- a/app/controllers/admin_controller.rb
+++ b/app/controllers/admin_controller.rb
@ -1,22 +1,21 @@
 # frozen_string_literal: true
 class AdminController < ApplicationController
  layout 'admin'
-  before_action :authorize_admin
+  before_action :authorize_user

  def dashboard
    @quizzes = Quiz.includes(:questions).all
    @users = User.order(:role, :name)
  end

-  def current_admin
-    user_args = { id: session[:user], role: 'admin' }
-    @current_admin ||= User.find_by(user_args) if session[:user]
+  def current_user
+    @current_user ||= User.find_by(id: session[:user]) if session[:user]
  end
-  helper_method :current_admin
+  helper_method :current_user

  private

-    def authorize_admin
-      redirect_to admin_login_path unless current_admin
+    def authorize_user
+      redirect_to admin_login_path unless current_user
    end
 end
--- a/app/controllers/concerns/.keep
+++ b/app/controllers/concerns/.keep
--- a/app/models/concerns/.keep
+++ b/app/models/concerns/.keep
--- a/app/views/admin/profile/view.html.erb
+++ b/app/views/admin/profile/view.html.erb
@ -2,7 +2,7 @@
  content_for :section_title, "Profile"
 %>

-<p>Name: <%= current_admin.name %></p>
-<p>email: <%= current_admin.email %></p>
-<p>Role: <%= current_admin.role %></p>
+<p>Name: <%= current_user.name %></p>
+<p>email: <%= current_user.email %></p>
+<p>Role: <%= current_user.role %></p>
 <%= link_to('Edit', admin_edit_profile_path, { class: 'btn' }) %>
--- a/test/controllers/admin/auth_controller_test.rb
+++ b/test/controllers/admin/auth_controller_test.rb
@ -26,18 +26,16 @@ module Admin
      assert_redirected_to admin_url
    end

-    test "recruiter should not admin auth" do
+    test "recruiter should auth to dashboard" do
      post admin_auth_url, params: { auth:
          { email: 'pdr.recruiter@mailinator.com', password: 'password' } }
-      assert_redirected_to admin_login_url
-      assert_match(/incorrect.*email/, flash[:error])
+      assert_redirected_to admin_url
    end

-    test "reviewer should not admin auth" do
+    test "reviewer should auth to dashboard" do
      post admin_auth_url, params: { auth:
          { email: 'fed.reviewer@mailinator.com', password: 'password' } }
-      assert_redirected_to admin_login_url
-      assert_match(/incorrect.*email/, flash[:error])
+      assert_redirected_to admin_url
    end

    test "should get reset_request" do