Add registrar dashboard #2713

app/controllers/registrar/dashboard_controller.rb

@@ -0,0 +1,17 @@
+class Registrar::DashboardController < RegistrarController
+  authorize_resource class: false
+
+  def show
+    if can?(:show, :poll)
+      redirect_to registrar_poll_url and return
+    elsif can?(:show, Invoice)
+      redirect_to registrar_invoices_url and return
+    end
+
+    # if current_user.try(:roles) == ['billing']
+    #   redirect_to registrar_invoices_url and return
+    # elsif can?(:show, :poll)
+    #   redirect_to registrar_poll_url and return
+    # end
+  end
+end

app/controllers/registrar/domains_controller.rb

@@ -46,7 +46,7 @@ class Registrar::DomainsController < Registrar::DeppController # EPP controller
   # rubocop: enable Metrics/AbcSize
 
   def info
-    authorize! :view, Depp::Domain
+    authorize! :info, Depp::Domain
     @data = @domain.info(params[:domain_name]) if params[:domain_name]
     if response_ok?
       render 'info'
@@ -57,7 +57,7 @@ class Registrar::DomainsController < Registrar::DeppController # EPP controller
   end
 
   def check
-    authorize! :view, Depp::Domain
+    authorize! :check, Depp::Domain
     if params[:domain_name]
       @data = @domain.check(params[:domain_name])
       render 'check_index' and return unless response_ok?

app/controllers/registrar/polls_controller.rb

@@ -1,13 +1,14 @@
 class Registrar::PollsController < Registrar::DeppController # EPP controller
+  authorize_resource class: false
   before_action :init_epp_xml
 
   def show
-    authorize! :view, :registrar_dashboard
+    # authorize! :view, :registrar_dashboard
     @data = depp_current_user.request(@ex.poll)
   end
 
   def destroy
-    authorize! :delete, :registrar_poll
+    # authorize! :delete, :registrar_poll
     @data = depp_current_user.request(@ex.poll(poll: {
       value: '', attrs: { op: 'ack', msgID: params[:id] }
     }))
@@ -18,22 +19,23 @@ class Registrar::PollsController < Registrar::DeppController # EPP controller
     render 'show'
   end
 
-  def confirm_keyrelay
-    authorize! :confirm, :keyrelay
-    domain_params = params[:domain]
-    @data = @domain.confirm_keyrelay(domain_params)
+  # TODO: Keyrelay is disabled for now
+  # def confirm_keyrelay
+  #   authorize! :confirm, :keyrelay
+  #   domain_params = params[:domain]
+  #   @data = @domain.confirm_keyrelay(domain_params)
 
-    if response_ok?
-      redirect_to info_registrar_domains_url(domain_name: domain_params[:name])
-    else
-      @results = @data.css('result')
-      @data = depp_current_user.request(@ex.poll)
-      render 'show'
-    end
-  end
+  #   if response_ok?
+  #     redirect_to info_registrar_domains_url(domain_name: domain_params[:name])
+  #   else
+  #     @results = @data.css('result')
+  #     @data = depp_current_user.request(@ex.poll)
+  #     render 'show'
+  #   end
+  # end
 
   def confirm_transfer
-    authorize! :confirm, :transfer
+    # authorize! :confirm, :transfer
     domain_params = params[:domain]
     @data = @domain.confirm_transfer(domain_params)
 

app/controllers/registrar/sessions_controller.rb

@@ -47,10 +47,10 @@ class Registrar::SessionsController < Devise::SessionsController
       end
     end
 
-    if @depp_user.errors.none? && @depp_user.valid?
+    if @depp_user.errors.none?
       if @api_user.active?
         sign_in @api_user
-        redirect_to role_base_root_url(@api_user)
+        redirect_to registrar_root_url
       else
         @depp_user.errors.add(:base, :not_active)
         render 'login'
@@ -71,17 +71,17 @@ class Registrar::SessionsController < Devise::SessionsController
         redirect_to :back and return
       end
 
-      if @api_user.can?(:create, :epp_login)
-        unless @api_user.registrar.api_ip_white?(request.ip)
-          flash[:alert] = I18n.t(:ip_is_not_whitelisted)
-          redirect_to :back and return
-        end
-      end
+      # if @api_user.can?(:create, :epp_login)
+      #   unless @api_user.registrar.api_ip_white?(request.ip)
+      #     flash[:alert] = I18n.t(:ip_is_not_whitelisted)
+      #     redirect_to :back and return
+      #   end
+      # end
     end
 
     sign_in @api_user if @api_user.identity_code == current_user.identity_code
 
-    redirect_to :back
+    redirect_to registrar_root_url
   end
   # rubocop:enable Metrics/CyclomaticComplexity
   # rubocop:enable Metrics/PerceivedComplexity
@@ -91,7 +91,7 @@ class Registrar::SessionsController < Devise::SessionsController
 
     if @user
       sign_in(@user, event: :authentication)
-      redirect_to role_base_root_url(@user)
+      redirect_to registrar_root_url
     else
       flash[:alert] = t('no_such_user')
       redirect_to registrar_login_url
@@ -111,7 +111,7 @@ class Registrar::SessionsController < Devise::SessionsController
     if Rails.env.test? && phone == "123"
       @user = ApiUser.find_by(identity_code: "14212128025")
       sign_in(@user, event: :authentication)
-      return redirect_to role_base_root_url(@user)
+      return redirect_to registrar_root_url
     end
 
     # country_codes = {'+372' => 'EST'}
@@ -159,7 +159,7 @@ class Registrar::SessionsController < Devise::SessionsController
       sign_in @user
       flash[:notice] = t(:welcome)
       flash.keep(:notice)
-      render js: "window.location = '#{role_base_root_url(@user)}'"
+      render js: "window.location = '#{registrar_root_url}'"
     when 'NOT_VALID'
       render json: { message: t(:user_signature_is_invalid) }, status: :bad_request
     when 'EXPIRED_TRANSACTION'
@@ -196,12 +196,4 @@ class Registrar::SessionsController < Devise::SessionsController
     return if WhiteIp.registrar_ip_white?(request.ip)
     render text: t('access_denied') and return
   end
-
-  def role_base_root_url(user)
-    if user.try(:roles) == ['billing']
-      registrar_invoices_url
-    else
-      registrar_root_url
-    end
-  end
 end

app/controllers/registrar/xml_consoles_controller.rb

@@ -1,10 +1,10 @@
 class Registrar::XmlConsolesController < Registrar::DeppController # EPP controller
+  authorize_resource class: false
+
   def show
-    authorize! :view, :registrar_xml_console
   end
 
   def create
-    authorize! :create, :registrar_xml_console
     begin
       @result = depp_current_user.server.request(params[:payload])
     rescue
@@ -14,7 +14,6 @@ class Registrar::XmlConsolesController < Registrar::DeppController # EPP control
   end
 
   def load_xml
-    authorize! :create, :registrar_xml_console
     cl_trid = "#{depp_current_user.tag}-#{Time.zone.now.to_i}"
     xml_dir_path = Rails.root + 'app/views/registrar/xml_consoles/epp_requests'
     xml = File.read("#{xml_dir_path}/#{params[:obj]}/#{params[:epp_action]}.xml")

app/controllers/registrar_controller.rb

@@ -17,15 +17,15 @@ class RegistrarController < ApplicationController
       sign_out(current_user)
       return
     end
-    return if Rails.env.development?
+    # return if Rails.env.development?
     registrar_ip_whitelisted = current_user.registrar.registrar_ip_white?(request.ip)
 
-    api_ip_whitelisted = true
-    if current_user.can?(:create, :epp_request)
-      api_ip_whitelisted = current_user.registrar.api_ip_white?(request.ip)
-    end
+    # api_ip_whitelisted = true
+    # if current_user.can?(:create, :epp_request)
+    #   api_ip_whitelisted = current_user.registrar.api_ip_white?(request.ip)
+    # end
 
-    return if registrar_ip_whitelisted && api_ip_whitelisted
+    return if registrar_ip_whitelisted # && api_ip_whitelisted
     flash[:alert] = t('ip_is_not_whitelisted')
     sign_out(current_user)
     redirect_to registrar_login_path and return
@@ -37,4 +37,10 @@ class RegistrarController < ApplicationController
   def head_title_sufix
     t(:registrar_head_title_sufix)
   end
+
+  private
+
+  def current_ability
+    @current_ability ||= Ability.new(current_user, request.remote_ip)
+  end
 end

app/models/ability.rb

@@ -4,7 +4,8 @@ class Ability
   # rubocop: disable Metrics/PerceivedComplexity
   # rubocop: disable Metrics/LineLength
   # rubocop: disable Metrics/AbcSize
-  def initialize(user)
+  def initialize(user, ip = nil)
+    @ip = ip
     alias_action :show, to: :view
     alias_action :show, :create, :update, :destroy, to: :crud
 
@@ -35,14 +36,27 @@ class Ability
   end
 
   def epp # Registrar/api_user dynamic role
-    static_registrar
+    # static_registrar
+    can :view, :registrar_dashboard
+
+    if @user.registrar.api_ip_white?(@ip)
+      can :manage, :poll
+      can :manage, Depp::Contact
+      # can :manage, Depp::Domain
+      # can :renew,  Depp::Domain
+      # can :transfer, Depp::Domain
+      # can :manage, Depp::Keyrelay # TODO: Keyrelay is disabled for now
+      # can :confirm, :keyrelay # TODO: Keyrelay is disabled for now
+      can :manage, :xml_console
+      can :manage,   Depp::Domain
+    end
 
     # REPP
     can(:manage, :repp)
 
     # EPP
-    can(:create, :epp_login) # billing can establis epp connection in order to login
-    can(:create, :epp_request)
+    can(:create, :epp_login) # billing can establish epp connection in order to login
+    # can(:create, :epp_request)
 
     # Epp::Domain
     can(:info,     Epp::Domain) { |d, pw| d.registrar_id == @user.registrar_id || pw.blank? ? true : d.auth_info == pw }
@@ -70,7 +84,7 @@ class Ability
     can(:manage, Invoice) { |i| i.buyer_id == @user.registrar_id }
     can :manage, :deposit
     can :read, AccountActivity
-    can(:create, :epp_login) # billing can establis epp connection in order to login
+    #can(:create, :epp_login) # billing can establis epp connection in order to login
   end
 
   def customer_service # Admin/admin_user dynamic role
@@ -112,17 +126,17 @@ class Ability
   # Static roles, linked from dynamic roles
   #
   def static_registrar
-    can :manage, Nameserver
-    can :view, :registrar_dashboard
-    can :delete, :registrar_poll
-    can :manage, :registrar_xml_console
-    can :manage, Depp::Contact
-    can :manage, Depp::Domain
-    can :renew,  Depp::Domain
-    can :transfer, Depp::Domain
-    can :manage, Depp::Keyrelay
-    can :confirm, :keyrelay
-    can :confirm, :transfer
+    #can :manage, Nameserver
+    # can :view, :registrar_dashboard
+    # can :delete, :registrar_poll
+    # can :manage, :registrar_xml_console
+    # can :manage, Depp::Contact
+    # can :manage, Depp::Domain
+    # can :renew,  Depp::Domain
+    # can :transfer, Depp::Domain
+    # can :manage, Depp::Keyrelay
+    # can :confirm, :keyrelay
+    # can :confirm, :transfer
   end
 
   def static_registrant

app/views/layouts/registrar/application.haml

@@ -44,7 +44,7 @@
                 - active_class = ['registrar/invoices'].include?(params[:controller]) ? 'active' :nil
                 %li{class: active_class}= link_to t(:billing), registrar_invoices_path
 
-              - if !Rails.env.production? && can?(:view, :registrar_xml_console)
+              - if !Rails.env.production? && can?(:manage, :xml_console)
                 - active_class = ['registrar/xml_consoles'].include?(params[:controller]) ? 'active' :nil
                 %li{class: active_class}= link_to t(:xml_console), registrar_xml_console_path
 

app/views/registrar/dashboard/show.haml

@@ -0,0 +1,3 @@
+.panel.panel-default
+  .panel-body
+    = t('welcome_to_eis_registrar_portal')

config/locales/en.yml

@@ -920,3 +920,4 @@ en:
   failure: "It was not saved"
   contact_is_not_valid: 'Contact %{value} is not valid, please fix the invalid contact'
   force_delete_subject: 'Kustutusmenetluse teade'
+  welcome_to_eis_registrar_portal: 'Welcome to EIS Registrar portal'

config/routes.rb

@@ -19,7 +19,9 @@ Rails.application.routes.draw do
 
   # REGISTRAR ROUTES
   namespace :registrar do
-    root 'polls#show'
+    resource :dashboard
+    root 'dashboard#show'
+    # root 'polls#show'
 
     resources :invoices do
       member do