basic admin policy start

This commit is contained in:
Mark Moser 2016-09-19 16:40:56 -05:00
parent 0a69eb578e
commit 12c7e9e77c
7 changed files with 64 additions and 0 deletions

View File

@ -38,6 +38,10 @@ Style/SpaceBeforeFirstArg:
Style/StringLiterals: Style/StringLiterals:
Enabled: false Enabled: false
Style/StructInheritance:
Exclude:
- app/policies/**/*
Metrics/AbcSize: Metrics/AbcSize:
Exclude: Exclude:
- db/migrate/**/* - db/migrate/**/*

View File

@ -11,6 +11,7 @@ gem 'jquery-rails'
gem 'json', '~> 2.0.2' gem 'json', '~> 2.0.2'
gem 'mailjet', '~> 1.3.8' gem 'mailjet', '~> 1.3.8'
gem 'puma', '~> 3.0' gem 'puma', '~> 3.0'
gem 'pundit'
gem 'sass-rails', '~> 5.0' gem 'sass-rails', '~> 5.0'
gem 'settingslogic', '~> 2.0.9' gem 'settingslogic', '~> 2.0.9'
gem 'turbolinks', '~> 5' gem 'turbolinks', '~> 5'
@ -44,6 +45,7 @@ group :development, :test do
gem 'guard-shell' gem 'guard-shell'
gem 'listen', '~> 3.0' gem 'listen', '~> 3.0'
gem 'minitest-reporters' gem 'minitest-reporters'
gem 'policy-assertions'
gem 'pry-byebug' gem 'pry-byebug'
gem 'pry-rails' gem 'pry-rails'
gem 'rails-controller-testing' gem 'rails-controller-testing'

View File

@ -161,6 +161,9 @@ GEM
parser (2.3.1.2) parser (2.3.1.2)
ast (~> 2.2) ast (~> 2.2)
pkg-config (1.1.7) pkg-config (1.1.7)
policy-assertions (0.0.3)
activesupport (>= 3.0.0)
pundit (>= 1.0.0)
powerpack (0.1.1) powerpack (0.1.1)
premailer (1.8.7) premailer (1.8.7)
css_parser (>= 1.4.5) css_parser (>= 1.4.5)
@ -178,6 +181,8 @@ GEM
pry-rails (0.3.4) pry-rails (0.3.4)
pry (>= 0.9.10) pry (>= 0.9.10)
puma (3.6.0) puma (3.6.0)
pundit (1.1.0)
activesupport (>= 3.0.0)
rack (2.0.1) rack (2.0.1)
rack-livereload (0.3.16) rack-livereload (0.3.16)
rack rack
@ -309,10 +314,12 @@ DEPENDENCIES
minitest-reporters minitest-reporters
mysql2 (>= 0.3.18, < 0.5) mysql2 (>= 0.3.18, < 0.5)
neat neat
policy-assertions
premailer-rails premailer-rails
pry-byebug pry-byebug
pry-rails pry-rails
puma (~> 3.0) puma (~> 3.0)
pundit
rack-livereload rack-livereload
rails (~> 5.0, >= 5.0.0.1) rails (~> 5.0, >= 5.0.0.1)
rails-controller-testing rails-controller-testing

View File

@ -1,9 +1,13 @@
# frozen_string_literal: true # frozen_string_literal: true
class AdminController < ApplicationController class AdminController < ApplicationController
include Pundit
layout 'admin' layout 'admin'
before_action :authorize_user before_action :authorize_user
rescue_from Pundit::NotAuthorizedError, with: :user_not_authorized
def dashboard def dashboard
authorize :admin, :dashboard?
@quizzes = Quiz.includes(:questions).all @quizzes = Quiz.includes(:questions).all
@users = User.order(:role, :name) @users = User.order(:role, :name)
end end
@ -18,4 +22,9 @@ class AdminController < ApplicationController
def authorize_user def authorize_user
redirect_to admin_login_path unless current_user redirect_to admin_login_path unless current_user
end end
def user_not_authorized
flash[:error] = "You are not authorized to perform this action."
redirect_to(request.referer || root_path)
end
end end

View File

@ -0,0 +1,31 @@
# frozen_string_literal: true
class AdminPolicy < Struct.new(:user, :dashboard)
attr_reader :user, :record
def initialize(user, record)
raise Pundit::NotAuthorizedError, "Must be logged in." unless user
@user = user
@record = record
end
def dashboard?
true
end
def scope
Pundit.policy_scope!(user, record.class)
end
class Scope
attr_reader :user, :scope
def initialize(user, scope)
@user = user
@scope = scope
end
def resolve
scope
end
end
end

View File

@ -0,0 +1,10 @@
# frozen_string_literal: true
require 'test_helper'
# TODO: How the heck to you test a headless policy?...
#
# class AdminPolicyTest < PolicyAssertions::Test
# def test_dashboard
# assert_permit users(:recruiter), Admin
# end
# end

View File

@ -13,6 +13,7 @@ require File.expand_path('../../config/environment', __FILE__)
require 'rails/test_help' require 'rails/test_help'
require "minitest/autorun" require "minitest/autorun"
require 'minitest/reporters' require 'minitest/reporters'
require 'policy_assertions'
Dir[Rails.root.join("test/test_helpers/**/*.rb")].each { |f| require f } Dir[Rails.root.join("test/test_helpers/**/*.rb")].each { |f| require f }
Minitest::Reporters.use! [Minitest::Reporters::DefaultReporter.new(color: true)] Minitest::Reporters.use! [Minitest::Reporters::DefaultReporter.new(color: true)]