Add registrar dashboard #2713

app/controllers/registrar/dashboard_controller.rb

@@ -0,0 +1,17 @@
+class Registrar::DashboardController < RegistrarController
+  authorize_resource class: false
+
+  def show
+    if can?(:show, :poll)
+      redirect_to registrar_poll_url and return
+    elsif can?(:show, Invoice)
+      redirect_to registrar_invoices_url and return
+    end
+
+    # if current_user.try(:roles) == ['billing']
+    #   redirect_to registrar_invoices_url and return
+    # elsif can?(:show, :poll)
+    #   redirect_to registrar_poll_url and return
+    # end
+  end
+end

app/controllers/registrar/domains_controller.rb

@@ -46,7 +46,7 @@ class Registrar::DomainsController < Registrar::DeppController # EPP controller
   # rubocop: enable Metrics/AbcSize
 
   def info
-    authorize! :view, Depp::Domain
+    authorize! :info, Depp::Domain
     @data = @domain.info(params[:domain_name]) if params[:domain_name]
     if response_ok?
       render 'info'
@@ -57,7 +57,7 @@ class Registrar::DomainsController < Registrar::DeppController # EPP controller
   end
 
   def check
-    authorize! :view, Depp::Domain
+    authorize! :check, Depp::Domain
     if params[:domain_name]
       @data = @domain.check(params[:domain_name])
       render 'check_index' and return unless response_ok?

app/controllers/registrar/polls_controller.rb

@@ -1,13 +1,14 @@
 class Registrar::PollsController < Registrar::DeppController # EPP controller
+  authorize_resource class: false
   before_action :init_epp_xml
 
   def show
-    authorize! :view, :registrar_dashboard
+    # authorize! :view, :registrar_dashboard
     @data = depp_current_user.request(@ex.poll)
   end
 
   def destroy
-    authorize! :delete, :registrar_poll
+    # authorize! :delete, :registrar_poll
     @data = depp_current_user.request(@ex.poll(poll: {
       value: '', attrs: { op: 'ack', msgID: params[:id] }
     }))
@@ -18,22 +19,23 @@ class Registrar::PollsController < Registrar::DeppController # EPP controller
     render 'show'
   end
 
-  def confirm_keyrelay
-    authorize! :confirm, :keyrelay
-    domain_params = params[:domain]
-    @data = @domain.confirm_keyrelay(domain_params)
+  # TODO: Keyrelay is disabled for now
+  # def confirm_keyrelay
+  #   authorize! :confirm, :keyrelay
+  #   domain_params = params[:domain]
+  #   @data = @domain.confirm_keyrelay(domain_params)
 
-    if response_ok?
-      redirect_to info_registrar_domains_url(domain_name: domain_params[:name])
-    else
-      @results = @data.css('result')
-      @data = depp_current_user.request(@ex.poll)
-      render 'show'
-    end
-  end
+  #   if response_ok?
+  #     redirect_to info_registrar_domains_url(domain_name: domain_params[:name])
+  #   else
+  #     @results = @data.css('result')
+  #     @data = depp_current_user.request(@ex.poll)
+  #     render 'show'
+  #   end
+  # end
 
   def confirm_transfer
-    authorize! :confirm, :transfer
+    # authorize! :confirm, :transfer
     domain_params = params[:domain]
     @data = @domain.confirm_transfer(domain_params)
 

app/controllers/registrar/sessions_controller.rb

@@ -47,10 +47,10 @@ class Registrar::SessionsController < Devise::SessionsController
       end
     end
 
-    if @depp_user.errors.none? && @depp_user.valid?
+    if @depp_user.errors.none?
       if @api_user.active?
         sign_in @api_user
-        redirect_to role_base_root_url(@api_user)
+        redirect_to registrar_root_url
       else
         @depp_user.errors.add(:base, :not_active)
         render 'login'
@@ -71,17 +71,17 @@ class Registrar::SessionsController < Devise::SessionsController
         redirect_to :back and return
       end
 
-      if @api_user.can?(:create, :epp_login)
-        unless @api_user.registrar.api_ip_white?(request.ip)
-          flash[:alert] = I18n.t(:ip_is_not_whitelisted)
-          redirect_to :back and return
-        end
-      end
+      # if @api_user.can?(:create, :epp_login)
+      #   unless @api_user.registrar.api_ip_white?(request.ip)
+      #     flash[:alert] = I18n.t(:ip_is_not_whitelisted)
+      #     redirect_to :back and return
+      #   end
+      # end
     end
 
     sign_in @api_user if @api_user.identity_code == current_user.identity_code
 
-    redirect_to :back
+    redirect_to registrar_root_url
   end
   # rubocop:enable Metrics/CyclomaticComplexity
   # rubocop:enable Metrics/PerceivedComplexity
@@ -91,7 +91,7 @@ class Registrar::SessionsController < Devise::SessionsController
 
     if @user
       sign_in(@user, event: :authentication)
-      redirect_to role_base_root_url(@user)
+      redirect_to registrar_root_url
     else
       flash[:alert] = t('no_such_user')
       redirect_to registrar_login_url
@@ -111,7 +111,7 @@ class Registrar::SessionsController < Devise::SessionsController
     if Rails.env.test? && phone == "123"
       @user = ApiUser.find_by(identity_code: "14212128025")
       sign_in(@user, event: :authentication)
-      return redirect_to role_base_root_url(@user)
+      return redirect_to registrar_root_url
     end
 
     # country_codes = {'+372' => 'EST'}
@@ -159,7 +159,7 @@ class Registrar::SessionsController < Devise::SessionsController
       sign_in @user
       flash[:notice] = t(:welcome)
       flash.keep(:notice)
-      render js: "window.location = '#{role_base_root_url(@user)}'"
+      render js: "window.location = '#{registrar_root_url}'"
     when 'NOT_VALID'
       render json: { message: t(:user_signature_is_invalid) }, status: :bad_request
     when 'EXPIRED_TRANSACTION'
@@ -196,12 +196,4 @@ class Registrar::SessionsController < Devise::SessionsController
     return if WhiteIp.registrar_ip_white?(request.ip)
     render text: t('access_denied') and return
   end
-
-  def role_base_root_url(user)
-    if user.try(:roles) == ['billing']
-      registrar_invoices_url
-    else
-      registrar_root_url
-    end
-  end
 end

app/controllers/registrar/xml_consoles_controller.rb

@@ -1,10 +1,10 @@
 class Registrar::XmlConsolesController < Registrar::DeppController # EPP controller
+  authorize_resource class: false
+
   def show
-    authorize! :view, :registrar_xml_console
   end
 
   def create
-    authorize! :create, :registrar_xml_console
     begin
       @result = depp_current_user.server.request(params[:payload])
     rescue
@@ -14,7 +14,6 @@ class Registrar::XmlConsolesController < Registrar::DeppController # EPP control
   end
 
   def load_xml
-    authorize! :create, :registrar_xml_console
     cl_trid = "#{depp_current_user.tag}-#{Time.zone.now.to_i}"
     xml_dir_path = Rails.root + 'app/views/registrar/xml_consoles/epp_requests'
     xml = File.read("#{xml_dir_path}/#{params[:obj]}/#{params[:epp_action]}.xml")

app/controllers/registrar_controller.rb

@@ -17,15 +17,15 @@ class RegistrarController < ApplicationController
       sign_out(current_user)
       return
     end
-    return if Rails.env.development?
+    # return if Rails.env.development?
     registrar_ip_whitelisted = current_user.registrar.registrar_ip_white?(request.ip)
 
-    api_ip_whitelisted = true
-    if current_user.can?(:create, :epp_request)
-      api_ip_whitelisted = current_user.registrar.api_ip_white?(request.ip)
-    end
+    # api_ip_whitelisted = true
+    # if current_user.can?(:create, :epp_request)
+    #   api_ip_whitelisted = current_user.registrar.api_ip_white?(request.ip)
+    # end
 
-    return if registrar_ip_whitelisted && api_ip_whitelisted
+    return if registrar_ip_whitelisted # && api_ip_whitelisted
     flash[:alert] = t('ip_is_not_whitelisted')
     sign_out(current_user)
     redirect_to registrar_login_path and return
@@ -37,4 +37,10 @@ class RegistrarController < ApplicationController
   def head_title_sufix
     t(:registrar_head_title_sufix)
   end
+
+  private
+
+  def current_ability
+    @current_ability ||= Ability.new(current_user, request.remote_ip)
+  end
 end