basic admin policy start
parent
0a69eb578e
commit
12c7e9e77c
@ -38,6 +38,10 @@ Style/SpaceBeforeFirstArg:
|
|||||||
Style/StringLiterals:
|
Style/StringLiterals:
|
||||||
Enabled: false
|
Enabled: false
|
||||||
|
|
||||||
|
Style/StructInheritance:
|
||||||
|
Exclude:
|
||||||
|
- app/policies/**/*
|
||||||
|
|
||||||
Metrics/AbcSize:
|
Metrics/AbcSize:
|
||||||
Exclude:
|
Exclude:
|
||||||
- db/migrate/**/*
|
- db/migrate/**/*
|
||||||
|
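--- a/Gemfile
+++ b/Gemfile
@@ -11,6 +11,7 @@ gem 'jquery-rails'
 gem 'json', '~> 2.0.2'
 gem 'mailjet', '~> 1.3.8'
 gem 'puma', '~> 3.0'
+gem 'pundit'
 gem 'sass-rails', '~> 5.0'
 gem 'settingslogic', '~> 2.0.9'
 gem 'turbolinks', '~> 5'
@@ -44,6 +45,7 @@ group :development, :test do
 gem 'guard-shell'
 gem 'listen', '~> 3.0'
 gem 'minitest-reporters'
+gem 'policy-assertions'
 gem 'pry-byebug'
 gem 'pry-rails'
 gem 'rails-controller-testing'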
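Review bot: `gem 'pundit'` is added without a version constraint, unlike the neighbouring runtime gems in the first hunk. Since this gem now decides admin access, a pessimistic pin such as `gem 'pundit', '~> 1.1'` (the lockfile on this page resolves 1.1.0) keeps a later `bundle update` from pulling in a major release with changed behaviour unnoticed. The same applies to `gem 'policy-assertions'` in the second hunk, though it is test-only.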
@ -161,6 +161,9 @@ GEM
|
|||||||
parser (2.3.1.2)
|
parser (2.3.1.2)
|
||||||
ast (~> 2.2)
|
ast (~> 2.2)
|
||||||
pkg-config (1.1.7)
|
pkg-config (1.1.7)
|
||||||
|
policy-assertions (0.0.3)
|
||||||
|
activesupport (>= 3.0.0)
|
||||||
|
pundit (>= 1.0.0)
|
||||||
powerpack (0.1.1)
|
powerpack (0.1.1)
|
||||||
premailer (1.8.7)
|
premailer (1.8.7)
|
||||||
css_parser (>= 1.4.5)
|
css_parser (>= 1.4.5)
|
||||||
@ -178,6 +181,8 @@ GEM
|
|||||||
pry-rails (0.3.4)
|
pry-rails (0.3.4)
|
||||||
pry (>= 0.9.10)
|
pry (>= 0.9.10)
|
||||||
puma (3.6.0)
|
puma (3.6.0)
|
||||||
|
pundit (1.1.0)
|
||||||
|
activesupport (>= 3.0.0)
|
||||||
rack (2.0.1)
|
rack (2.0.1)
|
||||||
rack-livereload (0.3.16)
|
rack-livereload (0.3.16)
|
||||||
rack
|
rack
|
||||||
@ -309,10 +314,12 @@ DEPENDENCIES
|
|||||||
minitest-reporters
|
minitest-reporters
|
||||||
mysql2 (>= 0.3.18, < 0.5)
|
mysql2 (>= 0.3.18, < 0.5)
|
||||||
neat
|
neat
|
||||||
|
policy-assertions
|
||||||
premailer-rails
|
premailer-rails
|
||||||
pry-byebug
|
pry-byebug
|
||||||
pry-rails
|
pry-rails
|
||||||
puma (~> 3.0)
|
puma (~> 3.0)
|
||||||
|
pundit
|
||||||
rack-livereload
|
rack-livereload
|
||||||
rails (~> 5.0, >= 5.0.0.1)
|
rails (~> 5.0, >= 5.0.0.1)
|
||||||
rails-controller-testing
|
rails-controller-testing
|
||||||
|
@ -1,9 +1,13 @@
|
|||||||
# frozen_string_literal: true
|
# frozen_string_literal: true
|
||||||
class AdminController < ApplicationController
|
class AdminController < ApplicationController
|
||||||
|
include Pundit
|
||||||
layout 'admin'
|
layout 'admin'
|
||||||
before_action :authorize_user
|
before_action :authorize_user
|
||||||
|
|
||||||
|
rescue_from Pundit::NotAuthorizedError, with: :user_not_authorized
|
||||||
|
|
||||||
def dashboard
|
def dashboard
|
||||||
|
authorize :admin, :dashboard?
|
||||||
@quizzes = Quiz.includes(:questions).all
|
@quizzes = Quiz.includes(:questions).all
|
||||||
@users = User.order(:role, :name)
|
@users = User.order(:role, :name)
|
||||||
end
|
end
|
||||||
@ -18,4 +22,9 @@ class AdminController < ApplicationController
|
|||||||
def authorize_user
|
def authorize_user
|
||||||
redirect_to admin_login_path unless current_user
|
redirect_to admin_login_path unless current_user
|
||||||
end
|
end
|
||||||
|
|
||||||
|
def user_not_authorized
|
||||||
|
flash[:error] = "You are not authorized to perform this action."
|
||||||
|
redirect_to(request.referer || root_path)
|
||||||
|
end
|
||||||
end
|
end
|
||||||
|
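Review bot: `user_not_authorized` redirects to `request.referer`, a client-supplied header, so a denied request can be sent to an off-site URL or back to the same forbidden page in a loop; a fixed in-app target such as `redirect_to root_path` avoids both. Only `dashboard` calls `authorize` in the lines shown, and the rest of the controller lies outside these hunks, so if it has other actions, `after_action :verify_authorized` would make a missing `authorize` call fail loudly instead of passing silently. `authorize_user` only checks that someone is logged in, so all role enforcement rests on the policy.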
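--- a/app/policies/admin_policy.rb
+++ b/app/policies/admin_policy.rb
@@ -0,0 +1,31 @@
+# frozen_string_literal: true
+class AdminPolicy < Struct.new(:user, :dashboard)
+attr_reader :user, :record
+
+def initialize(user, record)
+raise Pundit::NotAuthorizedError, "Must be logged in." unless user
+@user = user
+@record = record
+end
+
+def dashboard?
+true
+end
+
+def scope
+Pundit.policy_scope!(user, record.class)
+end
+
+class Scope
+attr_reader :user, :scope
+
+def initialize(user, scope)
+@user = user
+@scope = scope
+end
+
+def resolve
+scope
+end
+end
+end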
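Review bot: `dashboard?` returns `true` unconditionally, so every logged-in user passes `authorize :admin, :dashboard?` and the policy adds nothing beyond the login check in `initialize`. Until the role rule is written the safer default is `false`, with the real check comparing the user's role (the controller orders users by `:role`, so a role attribute appears to exist). The class also inherits from `Struct.new(:user, :dashboard)` while defining its own `attr_reader :user, :record` and an `initialize` that never calls `super`, so the struct members are left unset; keep one of the two patterns, not both. `scope` calls `Pundit.policy_scope!(user, record.class)`, which for the headless `:admin` record resolves to `Symbol`, so it looks like leftover boilerplate that can be dropped.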
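--- a/test/policies/admin_policy_test.rb
+++ b/test/policies/admin_policy_test.rb
@@ -0,0 +1,10 @@
+# frozen_string_literal: true
+require 'test_helper'
+
+# TODO: How the heck to you test a headless policy?...
+#
+# class AdminPolicyTest < PolicyAssertions::Test
+# def test_dashboard
+# assert_permit users(:recruiter), Admin
+# end
+# end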
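Review bot: The only test for the new policy is commented out, so the authorization rule ships with no coverage. A headless policy can be exercised directly without `assert_permit`: `assert AdminPolicy.new(users(:recruiter), :admin).dashboard?` for a permitted role, a matching `refute` for any role that must be denied, and `assert_raises(Pundit::NotAuthorizedError) { AdminPolicy.new(nil, :admin) }` for the logged-out case.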
@ -13,6 +13,7 @@ require File.expand_path('../../config/environment', __FILE__)
|
|||||||
require 'rails/test_help'
|
require 'rails/test_help'
|
||||||
require "minitest/autorun"
|
require "minitest/autorun"
|
||||||
require 'minitest/reporters'
|
require 'minitest/reporters'
|
||||||
|
require 'policy_assertions'
|
||||||
Dir[Rails.root.join("test/test_helpers/**/*.rb")].each { |f| require f }
|
Dir[Rails.root.join("test/test_helpers/**/*.rb")].each { |f| require f }
|
||||||
|
|
||||||
Minitest::Reporters.use! [Minitest::Reporters::DefaultReporter.new(color: true)]
|
Minitest::Reporters.use! [Minitest::Reporters::DefaultReporter.new(color: true)]
|
||||||
|