current_admin to current_user => prep for pundit
parent
3c45527a04
commit
0a69eb578e
@ -1,16 +1,16 @@
|
|||||||
# frozen_string_literal: true
|
# frozen_string_literal: true
|
||||||
module Admin
|
module Admin
|
||||||
class AuthController < AdminController
|
class AuthController < AdminController
|
||||||
skip_before_action :authorize_admin
|
skip_before_action :authorize_user
|
||||||
|
|
||||||
def login
|
def login
|
||||||
end
|
end
|
||||||
|
|
||||||
def auth
|
def auth
|
||||||
admin = User.find_by(email: auth_params[:email], role: 'admin')
|
user = User.find_by(email: auth_params[:email])
|
||||||
|
|
||||||
if admin && admin.authenticate(auth_params[:password])
|
if user && user.authenticate(auth_params[:password])
|
||||||
session[:user] = admin.to_i
|
session[:user] = user.to_i
|
||||||
redirect_to admin_path
|
redirect_to admin_path
|
||||||
else
|
else
|
||||||
redirect_to admin_login_path,
|
redirect_to admin_login_path,
|
||||||
|
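Review bot: Dropping `role: 'admin'` from the `User.find_by` lookup in `auth` means any account with a valid password now gets `session[:user]` set and is redirected to `admin_path`, and nothing in this commit puts a role check back. The same gap appears in `AdminController#current_user` / `authorize_user` and in the tests that now expect the recruiter and reviewer logins to reach the dashboard. If the Pundit policies are not shipping in the same release, keep a role gate on the admin namespace until they do, for example `redirect_to admin_login_path unless current_user&.role == 'admin'` in the before_action. Separately, calling `reset_session` just before `session[:user] = user.to_i` would stop a pre-login session id from carrying over into the authenticated session. The body of `auth` continues past the end of this hunk.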
@ -5,11 +5,11 @@ module Admin
|
|||||||
end
|
end
|
||||||
|
|
||||||
def edit
|
def edit
|
||||||
@user = current_admin
|
@user = current_user
|
||||||
end
|
end
|
||||||
|
|
||||||
def update
|
def update
|
||||||
@user = current_admin
|
@user = current_user
|
||||||
|
|
||||||
if @user.update_attributes(user_params)
|
if @user.update_attributes(user_params)
|
||||||
redirect_to admin_profile_path,
|
redirect_to admin_profile_path,
|
||||||
|
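Review bot: With `@user = current_user` in `update`, every logged-in role can now submit this form, so what `user_params` permits matters more than it did when only admins got here; `user_params` is defined outside the hunk. If it permits `:role`, a non-admin could change their own role through `update_attributes(user_params)`, so confirm the permit list is limited to profile fields. A comment above `update` such as `# user_params must not permit :role; role changes belong in an admin-only action` would record that constraint for the Pundit follow-up.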
@ -1,22 +1,21 @@
|
|||||||
# frozen_string_literal: true
|
# frozen_string_literal: true
|
||||||
class AdminController < ApplicationController
|
class AdminController < ApplicationController
|
||||||
layout 'admin'
|
layout 'admin'
|
||||||
before_action :authorize_admin
|
before_action :authorize_user
|
||||||
|
|
||||||
def dashboard
|
def dashboard
|
||||||
@quizzes = Quiz.includes(:questions).all
|
@quizzes = Quiz.includes(:questions).all
|
||||||
@users = User.order(:role, :name)
|
@users = User.order(:role, :name)
|
||||||
end
|
end
|
||||||
|
|
||||||
def current_admin
|
def current_user
|
||||||
user_args = { id: session[:user], role: 'admin' }
|
@current_user ||= User.find_by(id: session[:user]) if session[:user]
|
||||||
@current_admin ||= User.find_by(user_args) if session[:user]
|
|
||||||
end
|
end
|
||||||
helper_method :current_admin
|
helper_method :current_user
|
||||||
|
|
||||||
private
|
private
|
||||||
|
|
||||||
def authorize_admin
|
def authorize_user
|
||||||
redirect_to admin_login_path unless current_admin
|
redirect_to admin_login_path unless current_user
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
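Review bot: `authorize_user` only checks that someone is logged in, so the name overstates what the filter does and will read confusingly next to Pundit's own `authorize` call; `authenticate_user` or `require_login` would describe it better. `dashboard` still loads `User.order(:role, :name)` for anyone who passes that filter, which makes it the first action that needs a policy check. Once Pundit is included, adding `after_action :verify_authorized` to this base controller would flag any admin action left without an `authorize` call.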
@ -2,7 +2,7 @@
|
|||||||
content_for :section_title, "Profile"
|
content_for :section_title, "Profile"
|
||||||
%>
|
%>
|
||||||
|
|
||||||
<p>Name: <%= current_admin.name %></p>
|
<p>Name: <%= current_user.name %></p>
|
||||||
<p>email: <%= current_admin.email %></p>
|
<p>email: <%= current_user.email %></p>
|
||||||
<p>Role: <%= current_admin.role %></p>
|
<p>Role: <%= current_user.role %></p>
|
||||||
<%= link_to('Edit', admin_edit_profile_path, { class: 'btn' }) %>
|
<%= link_to('Edit', admin_edit_profile_path, { class: 'btn' }) %>
|
||||||
|
@ -26,18 +26,16 @@ module Admin
|
|||||||
assert_redirected_to admin_url
|
assert_redirected_to admin_url
|
||||||
end
|
end
|
||||||
|
|
||||||
test "recruiter should not admin auth" do
|
test "recruiter should auth to dashboard" do
|
||||||
post admin_auth_url, params: { auth:
|
post admin_auth_url, params: { auth:
|
||||||
{ email: 'pdr.recruiter@mailinator.com', password: 'password' } }
|
{ email: 'pdr.recruiter@mailinator.com', password: 'password' } }
|
||||||
assert_redirected_to admin_login_url
|
assert_redirected_to admin_url
|
||||||
assert_match(/incorrect.*email/, flash[:error])
|
|
||||||
end
|
end
|
||||||
|
|
||||||
test "reviewer should not admin auth" do
|
test "reviewer should auth to dashboard" do
|
||||||
post admin_auth_url, params: { auth:
|
post admin_auth_url, params: { auth:
|
||||||
{ email: 'fed.reviewer@mailinator.com', password: 'password' } }
|
{ email: 'fed.reviewer@mailinator.com', password: 'password' } }
|
||||||
assert_redirected_to admin_login_url
|
assert_redirected_to admin_url
|
||||||
assert_match(/incorrect.*email/, flash[:error])
|
|
||||||
end
|
end
|
||||||
|
|
||||||
test "should get reset_request" do
|
test "should get reset_request" do
|
||||||
|