Lock down the controllers

2025-08-05 17:28:18 +02:00 · 2014-12-19 13:45:17 +02:00 · 2014-12-19 13:45:17 +02:00 · 3b1e632ab7
commit 3b1e632ab7
parent 3045c08b3e
36 changed files with 166 additions and 97 deletions
--- a/app/views/admin/dashboards/show.haml
+++ b/app/views/admin/dashboards/show.haml
--- a/app/views/admin/domains/index.haml
+++ b/app/views/admin/domains/index.haml
@ -33,7 +33,7 @@
          - @domains.each do |x|
            %tr
              %td= link_to(x, admin_domain_path(x))
-              %td= link_to(x.registrar, root_path) if x.registrar
+              %td= link_to(x.registrar, admin_registrar_path(x.registrar)) if x.registrar
              %td= link_to(x.owner_contact, [:admin, x.owner_contact])
              %td= l(x.valid_to, format: :short)
 .row
--- a/app/views/admin/users/_form.haml
+++ b/app/views/admin/users/_form.haml
@ -21,15 +21,14 @@
        = f.label :identity_code
        = f.text_field(:identity_code, class: 'form-control')

-    .col-md-6.text-left
+    .col-md-6
      .form-group
        = f.label :email
        = f.text_field(:email, class: 'form-control')
      .form-group
-        .checkbox
-          %label{for: 'user_admin'}
-            = f.check_box(:admin, class: 'js-admin')
-            = t('shared.admin')
+        = f.label :role_id
+        = f.select(:role_id, Role.all.map {|x| [t(x.code), x.id] }, {}, { class: 'form-control selectize' })
+
  %hr
  .row
    .col-md-12.text-right
--- a/app/views/admin/users/index.haml
+++ b/app/views/admin/users/index.haml
@ -18,14 +18,17 @@
            %th{class: 'col-xs-2'}
              = sort_link(@q, 'identity_code', t('shared.identity_code'))
            %th{class: 'col-xs-2'}
-              = sort_link(@q, 'admin', t('shared.admin'))
+              = sort_link(@q, 'role', t('role'))
        %tbody
          - @users.each do |x|
            %tr
              %td= link_to(x, [:admin, x])
              %td= x.email
              %td= x.identity_code
-              %td= x.admin
+              - if x.role
+                %td= t(x.role)
+              - else
+                %td
 .row
  .col-md-12
    = paginate @users
--- a/app/views/admin/users/show.haml
+++ b/app/views/admin/users/show.haml
@ -39,5 +39,8 @@
          %dt= t('shared.email')
          %dd= @user.email

-          %dt= t('shared.admin')
-          %dd= @user.admin
+          %dt= t('role')
+          - if @user.role
+            %dd= t(@user.role)
+          - else
+            %dd
--- a/app/views/admin/zonefiles/index.haml
+++ b/app/views/admin/zonefiles/index.haml
@ -1,9 +0,0 @@
-.row
-  .col-sm-12
-    %h2.text-center-xs
-      = "#{t('zonefile')}"
-%hr
-.row
-  .col-md-12
-    = preserve do
-      %pre= @zonefile
--- a/app/views/layouts/application.haml
+++ b/app/views/layouts/application.haml
@ -26,21 +26,22 @@
            %li= link_to t('shared.domains'), admin_domains_path
            %li= link_to t('shared.contacts'), admin_contacts_path
            %li= link_to t('shared.registrars'), admin_registrars_path
-            %li.dropdown
-              %a.dropdown-toggle{"data-toggle" => "dropdown", href: "#"}
-                = t('shared.settings')
-                %span.caret
-              %ul.dropdown-menu{role: "menu"}
-                %li.dropdown-header= t('shared.system')
-                %li= link_to t('shared.settings'), admin_settings_path
-                %li= link_to t('zonefile'), admin_zonefile_settings_path
-                %li= link_to t(:domains_history), admin_domain_versions_path
-                %li= link_to t(:background_jobs), admin_delayed_jobs_path
+            - if can?(:access, :settings_menu)
+              %li.dropdown
+                %a.dropdown-toggle{"data-toggle" => "dropdown", href: "#"}
+                  = t('shared.settings')
+                  %span.caret
+                %ul.dropdown-menu{role: "menu"}
+                  %li.dropdown-header= t('shared.system')
+                  %li= link_to t('shared.settings'), admin_settings_path
+                  %li= link_to t('zonefile'), admin_zonefile_settings_path
+                  %li= link_to t(:domains_history), admin_domain_versions_path
+                  %li= link_to t(:background_jobs), admin_delayed_jobs_path

-                %li.divider
-                %li.dropdown-header= t('shared.users')
-                %li= link_to t(:admin_users), admin_users_path
-                %li= link_to t(:epp_users), admin_epp_users_path
+                  %li.divider
+                  %li.dropdown-header= t('shared.users')
+                  %li= link_to t(:admin_users), admin_users_path
+                  %li= link_to t(:epp_users), admin_epp_users_path

          %ul.nav.navbar-nav.navbar-right
            %li= link_to t('shared.log_out', user: current_user), '/logout'
--- a/app/views/layouts/login.haml
+++ b/app/views/layouts/login.haml
@ -21,9 +21,8 @@
        %h2.form-signin-heading.text-center Eesti Interneti SA
        %hr
        / TODO: Refactor this when ID card login is done
-        - if can? :create, :admin_session
-          = button_to 'ID card (user1)', 'sessions',
-            class: 'btn btn-lg btn-primary btn-block', name: 'user1'
-          = button_to 'ID card (user2)', 'sessions',
-            class: 'btn btn-lg btn-primary btn-block', name: 'user2'
+        = button_to 'ID card (user1)', 'sessions',
+          class: 'btn btn-lg btn-primary btn-block', name: 'user1'
+        = button_to 'ID card (user2)', 'sessions',
+          class: 'btn btn-lg btn-primary btn-block', name: 'user2'