Refactor user to admin and api user

2025-07-22 02:35:57 +02:00 · 2015-02-13 16:17:06 +02:00 · 2015-02-13 16:17:06 +02:00 · 037cb57e00
commit 037cb57e00
parent f3215680d5
34 changed files with 551 additions and 551 deletions
--- a/app/api/repp/api.rb
+++ b/app/api/repp/api.rb
@ -4,11 +4,11 @@ module Repp
    prefix :repp

    http_basic do |username, password|
-      @current_api_user ||= ApiUser.find_by(username: username, password: password)
+      @current_user ||= ApiUser.find_by(username: username, password: password)
    end

    helpers do
-      attr_reader :current_api_user
+      attr_reader :current_user
    end

    after do
@ -18,8 +18,8 @@ module Repp
        request_params: request.params.except('route_info').to_json,
        response: @response.to_json,
        response_code: status,
-        api_user_name: current_api_user.try(:username),
-        api_user_registrar: current_api_user.try(:registrar).try(:to_s),
+        api_user_name: current_user.try(:username),
+        api_user_registrar: current_user.try(:registrar).try(:to_s),
        ip: request.ip
      })
    end
--- a/app/api/repp/contact_v1.rb
+++ b/app/api/repp/contact_v1.rb
@ -5,7 +5,7 @@ module Repp
    resource :contacts do
      desc 'Return list of contact'
      get '/' do
-        contacts = current_api_user.registrar.contacts.page(params[:page])
+        contacts = current_user.registrar.contacts.page(params[:page])
        @response = {
          contacts: contacts,
          total_pages: contacts.total_pages
--- a/app/api/repp/domain_v1.rb
+++ b/app/api/repp/domain_v1.rb
@ -5,7 +5,7 @@ module Repp
    resource :domains do
      desc 'Return list of domains'
      get '/' do
-        domains = current_api_user.registrar.domains.page(params[:page])
+        domains = current_user.registrar.domains.page(params[:page])
        @response = {
          domains: domains,
          total_pages: domains.total_pages
--- a/app/controllers/admin/admin_users_controller.rb
+++ b/app/controllers/admin/admin_users_controller.rb
@ -1,22 +1,22 @@
-class Admin::UsersController < AdminController
+class Admin::AdminUsersController < AdminController
  load_and_authorize_resource
  before_action :set_user, only: [:show, :edit, :update, :destroy]

  def index
-    @q = User.search(params[:q])
-    @users = @q.result.page(params[:page])
+    @q = AdminUser.search(params[:q])
+    @admin_users = @q.result.page(params[:page])
  end

  def new
-    @user = User.new
+    @admin_user = AdminUser.new
  end

  def create
-    @user = User.new(user_params)
+    @admin_user = AdminUser.new(admin_user_params)

-    if @user.save
+    if @admin_user.save
      flash[:notice] = I18n.t('record_created')
-      redirect_to [:admin, @user]
+      redirect_to [:admin, @admin_user]
    else
      flash.now[:alert] = I18n.t('failed_to_create_record')
      render 'new'
@ -28,9 +28,9 @@ class Admin::UsersController < AdminController
  def edit; end

  def update
-    if @user.update(user_params)
+    if @admin_user.update(admin_user_params)
      flash[:notice] = I18n.t('record_updated')
-      redirect_to [:admin, @user]
+      redirect_to [:admin, @admin_user]
    else
      flash.now[:alert] = I18n.t('failed_to_update_record')
      render 'edit'
@ -38,7 +38,7 @@ class Admin::UsersController < AdminController
  end

  def destroy
-    if @user.destroy
+    if @admin_user.destroy
      flash[:notice] = I18n.t('record_deleted')
      redirect_to admin_users_path
    else
@ -50,10 +50,10 @@ class Admin::UsersController < AdminController
  private

  def set_user
-    @user = User.find(params[:id])
+    @admin_user = AdminUser.find(params[:id])
  end

-  def user_params
-    params.require(:user).permit(:username, :password, :identity_code, :email, :country_code, { roles: [] })
+  def admin_user_params
+    params.require(:admin_user).permit(:username, :password, :identity_code, :email, :country_code, { roles: [] })
  end
 end
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@ -15,10 +15,10 @@ class ApplicationController < ActionController::Base
  end

  def user_for_paper_trail
-    if defined?(current_api_user) && current_api_user.present?
-      # Most of the time it's not loaded in correct time because PaperTrail before filter kicks in 
-      # before current_api_user is defined. PaperTrail is triggered also at current_api_user
-      api_user_log_str(current_api_user) 
+    if defined?(current_user) && current_user.present?
+      # Most of the time it's not loaded in correct time because PaperTrail before filter kicks in
+      # before current_user is defined. PaperTrail is triggered also at current_user
+      api_user_log_str(current_user)
    elsif current_user.present?
      "#{current_user.id}-#{current_user.username}"
    else
--- a/app/controllers/concerns/shared/user_stamper.rb
+++ b/app/controllers/concerns/shared/user_stamper.rb
@ -5,9 +5,9 @@ module Shared::UserStamper
    # return false if obj.nil? || !obj.has_attribute?(:created_by_id && :updated_by_id)

    # if obj.new_record?
-      # obj.created_by_id = current_api_user.id
+      # obj.created_by_id = current_user.id
    # else
-      # obj.updated_by_id = current_api_user.id
+      # obj.updated_by_id = current_user.id
    # end

    # true
--- a/app/controllers/epp/contacts_controller.rb
+++ b/app/controllers/epp/contacts_controller.rb
@ -3,7 +3,7 @@ class Epp::ContactsController < EppController

  def create
    @contact = Contact.new(contact_and_address_attributes)
-    @contact.registrar = current_api_user.registrar
+    @contact.registrar = current_user.registrar
    render_epp_response '/epp/contacts/create' and return if @contact.save
    handle_errors(@contact)
  end
@ -108,7 +108,7 @@ class Epp::ContactsController < EppController
    return false unless xml_attrs_present?(@ph, [['id']])
    @contact = find_contact
    return false unless @contact
-    return true if current_api_user.registrar == @contact.registrar || xml_attrs_present?(@ph, [%w(authInfo pw)])
+    return true if current_user.registrar == @contact.registrar || xml_attrs_present?(@ph, [%w(authInfo pw)])
    false
  end

@ -126,7 +126,7 @@ class Epp::ContactsController < EppController

  def owner?(with_errors = true)
    return false unless find_contact
-    return true if @contact.registrar == current_api_user.registrar
+    return true if @contact.registrar == current_user.registrar
    return false unless with_errors
    epp_errors << { code: '2201', msg: t('errors.messages.epp_authorization_error') }
    false
@ -135,7 +135,7 @@ class Epp::ContactsController < EppController
  def rights?
    pw = @ph.try(:[], :authInfo).try(:[], :pw)

-    return true if current_api_user.try(:registrar) == @contact.try(:registrar)
+    return true if current_user.try(:registrar) == @contact.try(:registrar)
    return true if pw && @contact.auth_info_matches(pw) # @contact.try(:auth_info_matches, pw)

    epp_errors << { code: '2200', msg: t('errors.messages.epp_authentication_error') }
--- a/app/controllers/epp/domains_controller.rb
+++ b/app/controllers/epp/domains_controller.rb
@ -176,7 +176,7 @@ class Epp::DomainsController < EppController

    {
      name: name,
-      registrar_id: current_api_user.registrar.try(:id),
+      registrar_id: current_user.registrar.try(:id),
      registered_at: Time.now,
      period: (period.to_i == 0) ? 1 : period.to_i,
      period_unit: Epp::EppDomain.parse_period_unit_from_frame(params[:parsed_frame]) || 'y'
@ -187,7 +187,7 @@ class Epp::DomainsController < EppController
    res = {}
    res[:pw] = params[:parsed_frame].css('pw').first.try(:text)
    res[:action] = params[:parsed_frame].css('transfer').first[:op]
-    res[:current_user] = current_api_user
+    res[:current_user] = current_user
    res
  end

@ -206,7 +206,7 @@ class Epp::DomainsController < EppController

    return domain if domain.auth_info == params[:parsed_frame].css('authInfo pw').text

-    if (domain.registrar != current_api_user.registrar && secure[:secure] == true) &&
+    if (domain.registrar != current_user.registrar && secure[:secure] == true) &&
      epp_errors << {
        code: '2302',
        msg: I18n.t('errors.messages.domain_exists_but_belongs_to_other_registrar'),
--- a/app/controllers/epp/keyrelays_controller.rb
+++ b/app/controllers/epp/keyrelays_controller.rb
@ -6,7 +6,7 @@ class Epp::KeyrelaysController < EppController

    handle_errors(@domain) and return unless @domain
    handle_errors(@domain) and return unless @domain.authenticate(params[:parsed_frame].css('pw').text)
-    handle_errors(@domain) and return unless @domain.keyrelay(params[:parsed_frame], current_api_user.registrar)
+    handle_errors(@domain) and return unless @domain.keyrelay(params[:parsed_frame], current_user.registrar)

    render_epp_response '/epp/shared/success'
  end
--- a/app/controllers/epp/polls_controller.rb
+++ b/app/controllers/epp/polls_controller.rb
@ -5,7 +5,7 @@ class Epp::PollsController < EppController
  end

  def req_poll
-    @message = current_api_user.queued_messages.last
+    @message = current_user.queued_messages.last
    render_epp_response 'epp/poll/poll_no_messages' and return unless @message

    if @message.attached_obj_type && @message.attached_obj_id
@ -20,7 +20,7 @@ class Epp::PollsController < EppController
  end

  def ack_poll
-    @message = current_api_user.queued_messages.find_by(id: params[:parsed_frame].css('poll').first['msgID'])
+    @message = current_user.queued_messages.find_by(id: params[:parsed_frame].css('poll').first['msgID'])

    unless @message
      epp_errors << {
--- a/app/controllers/epp/sessions_controller.rb
+++ b/app/controllers/epp/sessions_controller.rb
@ -16,7 +16,7 @@ class Epp::SessionsController < EppController
  end

  def logout
-    @api_user = current_api_user # cache current_api_user for logging
+    @api_user = current_user # cache current_user for logging
    epp_session[:api_user_id] = nil
    response.headers['X-EPP-Returncode'] = '1500'
    render_epp_response('logout')
--- a/app/controllers/epp_controller.rb
+++ b/app/controllers/epp_controller.rb
@ -3,7 +3,7 @@ class EppController < ApplicationController
  before_action :generate_svtrid
  before_action :validate_request
  layout false
-  helper_method :current_api_user
+  helper_method :current_user

  def generate_svtrid
    # rubocop: disable Style/VariableName
@ -21,13 +21,13 @@ class EppController < ApplicationController
    EppSession.find_or_initialize_by(session_id: cookie['session'])
  end

-  def current_api_user
-    @current_api_user ||= ApiUser.find_by_id(epp_session[:api_user_id])
+  def current_user
+    @current_user ||= ApiUser.find_by_id(epp_session[:api_user_id])
    # by default PaperTrail uses before filter and at that
-    # time current_api_user is not yet present
-    ::PaperTrail.whodunnit = api_user_log_str(@current_api_user)
+    # time current_user is not yet present
+    ::PaperTrail.whodunnit = api_user_log_str(@current_user)
    ::PaperSession.session = epp_session.session_id if epp_session.session_id.present?
-    @current_api_user
+    @current_user
  end

  # ERROR + RESPONSE HANDLING
@ -203,8 +203,8 @@ class EppController < ApplicationController
      request_successful: epp_errors.empty?,
      request_object: params[:epp_object_type],
      response: @response,
-      api_user_name: api_user_log_str(@api_user || current_api_user),
-      api_user_registrar: @api_user.try(:registrar).try(:to_s) || current_api_user.try(:registrar).try(:to_s),
+      api_user_name: api_user_log_str(@api_user || current_user),
+      api_user_registrar: @api_user.try(:registrar).try(:to_s) || current_user.try(:registrar).try(:to_s),
      ip: request.ip
    })
  end
--- a/app/controllers/sessions_controller.rb
+++ b/app/controllers/sessions_controller.rb
@ -3,8 +3,8 @@ class SessionsController < Devise::SessionsController
    # TODO: Create ID Card login here:
    # this is just testing config
    # if Rails.env.development? || Rails.env.test?
-    @user = User.first if params[:user1]
-    @user = User.second if params[:user2]
+    @user = AdminUser.first if params[:user1]
+    @user = AdminUser.second if params[:user2]

    return redirect_to :back, alert: 'No user' if @user.blank?

--- a/app/helpers/whodunnit_helper.rb
+++ b/app/helpers/whodunnit_helper.rb
@ -5,7 +5,7 @@ module WhodunnitHelper
      user = ApiUser.find(whodunnit)
      return link_to(user.username, admin_epp_user_path(user))
    end
-    user = User.find(whodunnit)
+    user = AdminUser.find(whodunnit)
    return link_to(user.username, admin_user_path(user))
  rescue ActiveRecord::RecordNotFound
    return nil
@ -17,7 +17,7 @@ module WhodunnitHelper
      user = ApiUser.find(whodunnit)
      return "#{user.username} (EPP)"
    end
-    user = User.find(whodunnit)
+    user = AdminUser.find(whodunnit)
    return user.username
  rescue ActiveRecord::RecordNotFound
    return nil
--- a/app/models/ability.rb
+++ b/app/models/ability.rb
@ -4,7 +4,7 @@ class Ability
  def initialize(user)
    alias_action :create, :read, :update, :destroy, to: :crud

-    @user = user || User.new
+    @user = user || AdminUser.new
    @user.roles.each { |role| send(role) } if @user.roles

    return if @user.roles || @user.roles.any?
--- a/app/models/admin_user.rb
+++ b/app/models/admin_user.rb
@ -1,5 +1,4 @@
 class AdminUser < User
-  devise :trackable, :timeoutable
  # TODO: Foreign user will get email with activation link,email,temp-password.
  # After activisation, system should require to change temp password.
  # TODO: Estonian id validation
--- a/app/models/concerns/versions.rb
+++ b/app/models/concerns/versions.rb
@ -30,7 +30,7 @@ module Versions
      if creator_str =~ /^\d-api-/
        ApiUser.find(creator_str)
      else
-        User.find(creator_str)
+        AdminUser.find(creator_str)
      end
    end

@ -40,7 +40,7 @@ module Versions
      if updator_str =~ /^\d-api-/
        ApiUser.find(updator_str)
      else
-        User.find(updator_str)
+        AdminUser.find(updator_str)
      end
    end

--- a/app/models/user.rb
+++ b/app/models/user.rb
@ -1,3 +1,4 @@
 class User < ActiveRecord::Base
  include Versions # version/user_version.rb
+  devise :trackable, :timeoutable
 end
--- a/app/views/admin/admin_users/_form.haml
+++ b/app/views/admin/admin_users/_form.haml
@ -1,9 +1,9 @@
-= form_for([:admin, @user]) do |f|
-  - if @user.errors.any?
-    - @user.errors.each do |attr, err|
+= form_for([:admin, @admin_user]) do |f|
+  - if @admin_user.errors.any?
+    - @admin_user.errors.each do |attr, err|
      = err
      %br
-  - if @user.errors.any?
+  - if @admin_user.errors.any?
    %hr

  .row
@ -27,7 +27,7 @@
        = f.text_field(:email, class: 'form-control')
      .form-group
        = f.label :role
-        = select_tag 'user[roles][]', options_for_select(User::ROLES.map {|x| [t(x), x] }, @user.roles.try(:first)), class: 'form-control selectize'
+        = select_tag 'admin_user[roles][]', options_for_select(AdminUser::ROLES.map {|x| [t(x), x] }, @admin_user.roles.try(:first)), class: 'form-control selectize'

  %hr
  .row
--- a/app/views/admin/admin_users/edit.haml
+++ b/app/views/admin/admin_users/edit.haml
@ -4,6 +4,6 @@
      = "#{t('edit_user')}"
  .col-sm-6
    %h2.text-right.text-center-xs
-      = link_to(t('back_to_user'), [:admin, @user], class: 'btn btn-default')
+      = link_to(t('back_to_user'), [:admin, @admin_user], class: 'btn btn-default')
 %hr
 = render 'form'
--- a/app/views/admin/admin_users/index.haml
+++ b/app/views/admin/admin_users/index.haml
@ -1,9 +1,9 @@
 .row
  .col-sm-6
-    %h2.text-center-xs= t('users')
+    %h2.text-center-xs= t('admin_users')
  .col-sm-6
    %h2.text-right.text-center-xs
-      = link_to(t('create_new_user'), new_admin_user_path, class: 'btn btn-primary')
+      = link_to(t('create_new_user'), new_admin_admin_user_path, class: 'btn btn-primary')
 %hr
 .row
  .col-md-12
@ -20,7 +20,7 @@
            %th{class: 'col-xs-2'}
              = sort_link(@q, 'role', t('role'))
        %tbody
-          - @users.each do |x|
+          - @admin_users.each do |x|
            %tr
              %td= link_to(x, [:admin, x])
              %td= x.email
@ -31,4 +31,4 @@
                %td
 .row
  .col-md-12
-    = paginate @users
+    = paginate @admin_users
--- a/app/views/admin/admin_users/new.haml
+++ b/app/views/admin/admin_users/new.haml
--- a/app/views/admin/admin_users/show.haml
+++ b/app/views/admin/admin_users/show.haml
@ -4,15 +4,15 @@
      = "#{t('user_details')}"
  .col-sm-6
    %h2.text-right.text-center-xs
-      = link_to(t('edit'), edit_admin_user_path(@user), class: 'btn btn-primary')
-      = link_to(t('delete'), admin_user_path(@user), method: :delete, data: { confirm: t('are_you_sure') }, class: 'btn btn-danger')
+      = link_to(t('edit'), edit_admin_admin_user_path(@admin_user), class: 'btn btn-primary')
+      = link_to(t('delete'), admin_admin_user_path(@admin_user), method: :delete, data: { confirm: t('are_you_sure') }, class: 'btn btn-danger')

 %hr
- if @user.errors.any?
-  - @user.errors.each do |attr, err|
+- if @admin_user.errors.any?
+  - @admin_user.errors.each do |attr, err|
    = err
    %br
- if @user.errors.any?
+- if @admin_user.errors.any?
  %hr
 .row
  .col-md-6
@ -22,13 +22,13 @@
      .panel-body
        %dl.dl-horizontal
          %dt= t('username')
-          %dd= @user.username
+          %dd= @admin_user.username

          %dt= t('password')
-          %dd= @user.password
+          %dd= @admin_user.password

          %dt= t('identity_code')
-          %dd= @user.identity_code
+          %dd= @admin_user.identity_code

  .col-md-6
    .panel.panel-default
@ -37,10 +37,10 @@
      .panel-body
        %dl.dl-horizontal
          %dt= t('email')
-          %dd= @user.email
+          %dd= @admin_user.email

          %dt= t('role')
-          - if @user.roles
-            %dd= t(@user.roles.first)
+          - if @admin_user.roles
+            %dd= t(@admin_user.roles.first)
          - else
            %dd
--- a/app/views/epp/poll/poll_ack.xml.builder
+++ b/app/views/epp/poll/poll_ack.xml.builder
@ -4,7 +4,7 @@ xml.epp_head do
      xml.msg 'Command completed successfully'
    end

-    xml.tag!('msgQ', 'count' => current_api_user.queued_messages.count, 'id' => @message.id)
+    xml.tag!('msgQ', 'count' => current_user.queued_messages.count, 'id' => @message.id)

    xml << render('/epp/shared/trID')
  end
--- a/app/views/epp/poll/poll_keyrelay.xml.builder
+++ b/app/views/epp/poll/poll_keyrelay.xml.builder
@ -10,7 +10,7 @@ xml.epp(
      xml.msg 'Command completed successfully; ack to dequeue'
    end

-    xml.tag!('msgQ', 'count' => current_api_user.queued_messages.count, 'id' => @message.id) do
+    xml.tag!('msgQ', 'count' => current_user.queued_messages.count, 'id' => @message.id) do
      xml.qDate @message.created_at
      xml.msg @message.body
    end
--- a/app/views/epp/poll/poll_req.xml.builder
+++ b/app/views/epp/poll/poll_req.xml.builder
@ -4,7 +4,7 @@ xml.epp_head do
      xml.msg 'Command completed successfully; ack to dequeue'
    end

-    xml.tag!('msgQ', 'count' => current_api_user.queued_messages.count, 'id' => @message.id) do
+    xml.tag!('msgQ', 'count' => current_user.queued_messages.count, 'id' => @message.id) do
      xml.qDate @message.created_at
      xml.msg @message.body
    end
--- a/app/views/layouts/application.haml
+++ b/app/views/layouts/application.haml
@ -52,7 +52,7 @@

                  %li.divider
                  %li.dropdown-header= t('users')
-                  %li= link_to t(:admin_users), admin_users_path
+                  %li= link_to t(:admin_users), admin_admin_users_path
                  %li= link_to t(:api_users), admin_api_users_path

          %ul.nav.navbar-nav.navbar-right