current_admin to current_user => prep for pundit

Mark Moser 2016-09-19 14:25:17 -05:00
parent 3c45527a04
commit 0a69eb578e
7 changed files with 19 additions and 22 deletions


@ -1,16 +1,16 @@
# frozen_string_literal: true # frozen_string_literal: true
module Admin module Admin
class AuthController < AdminController class AuthController < AdminController
skip_before_action :authorize_admin skip_before_action :authorize_user
def login def login
end end
def auth def auth
admin = User.find_by(email: auth_params[:email], role: 'admin') user = User.find_by(email: auth_params[:email])
if admin && admin.authenticate(auth_params[:password]) if user && user.authenticate(auth_params[:password])
session[:user] = admin.to_i session[:user] = user.to_i
redirect_to admin_path redirect_to admin_path
else else
redirect_to admin_login_path, redirect_to admin_login_path,
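Review bot: The `auth` action assigns `session[:user] = user.to_i` into whatever session the browser already held, so a session set up before login carries over into the authenticated state; calling `reset_session` on the line before that assignment prevents session fixation. This matters more now that the lookup is `User.find_by(email: auth_params[:email])` with no role condition, because every account in the table can establish an admin-area session. The body of `auth` continues past the end of the hunk, so the failure branch is not reviewed here.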


@ -5,11 +5,11 @@ module Admin
end end
def edit def edit
@user = current_admin @user = current_user
end end
def update def update
@user = current_admin @user = current_user
if @user.update_attributes(user_params) if @user.update_attributes(user_params)
redirect_to admin_profile_path, redirect_to admin_profile_path,
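Review bot: `update` now applies `user_params` to whichever account is signed in rather than only to admins, so if the permit list in `user_params` (defined outside this hunk) includes `role`, a recruiter or reviewer could raise their own role through the profile form. Confirm that `user_params` permits only the self-service profile fields, and document it with a comment above the method such as `# role is deliberately not permitted: profile edits are self-service`. A controller test that submits `role: 'admin'` as a non-admin and asserts the stored role is unchanged would pin this down.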


@ -1,22 +1,21 @@
# frozen_string_literal: true # frozen_string_literal: true
class AdminController < ApplicationController class AdminController < ApplicationController
layout 'admin' layout 'admin'
before_action :authorize_admin before_action :authorize_user
def dashboard def dashboard
@quizzes = Quiz.includes(:questions).all @quizzes = Quiz.includes(:questions).all
@users = User.order(:role, :name) @users = User.order(:role, :name)
end end
def current_admin def current_user
user_args = { id: session[:user], role: 'admin' } @current_user ||= User.find_by(id: session[:user]) if session[:user]
@current_admin ||= User.find_by(user_args) if session[:user]
end end
helper_method :current_admin helper_method :current_user
private private
def authorize_admin def authorize_user
redirect_to admin_login_path unless current_admin redirect_to admin_login_path unless current_user
end end
end end
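Review bot: `authorize_user` only checks that someone is logged in, so until the Pundit policies named in the commit title exist, `dashboard` (which loads every quiz and `User.order(:role, :name)`) and every controller inheriting this `before_action` are reachable by all roles. Either land this change together with the policies, or keep an interim guard such as `redirect_to admin_login_path unless current_user&.role == 'admin'` on the actions that must stay admin-only. Once Pundit is in, adding `after_action :verify_authorized` to this base class makes a forgotten `authorize` call fail loudly instead of silently allowing access.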


@ -2,7 +2,7 @@
content_for :section_title, "Profile" content_for :section_title, "Profile"
%> %>
<p>Name: <%= current_admin.name %></p> <p>Name: <%= current_user.name %></p>
<p>email: <%= current_admin.email %></p> <p>email: <%= current_user.email %></p>
<p>Role: <%= current_admin.role %></p> <p>Role: <%= current_user.role %></p>
<%= link_to('Edit', admin_edit_profile_path, { class: 'btn' }) %> <%= link_to('Edit', admin_edit_profile_path, { class: 'btn' }) %>


@ -26,18 +26,16 @@ module Admin
assert_redirected_to admin_url assert_redirected_to admin_url
end end
test "recruiter should not admin auth" do test "recruiter should auth to dashboard" do
post admin_auth_url, params: { auth: post admin_auth_url, params: { auth:
{ email: 'pdr.recruiter@mailinator.com', password: 'password' } } { email: 'pdr.recruiter@mailinator.com', password: 'password' } }
assert_redirected_to admin_login_url assert_redirected_to admin_url
assert_match(/incorrect.*email/, flash[:error])
end end
test "reviewer should not admin auth" do test "reviewer should auth to dashboard" do
post admin_auth_url, params: { auth: post admin_auth_url, params: { auth:
{ email: 'fed.reviewer@mailinator.com', password: 'password' } } { email: 'fed.reviewer@mailinator.com', password: 'password' } }
assert_redirected_to admin_login_url assert_redirected_to admin_url
assert_match(/incorrect.*email/, flash[:error])
end end
test "should get reset_request" do test "should get reset_request" do
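Review bot: The two tests that asserted a recruiter and a reviewer were rejected at login are inverted here, and nothing in this hunk replaces them with a check of what those roles must not reach once signed in. Add negative tests alongside them, for example that a recruiter requesting an admin-only page is redirected or denied, so the authorization boundary stays covered while the policies are being introduced. The hunk ends at the opening line of the `reset_request` test, whose body is outside the hunk.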