Merge branch 'master' into registry-790

2025-06-08 05:34:46 +02:00 · 2018-08-27 15:24:05 +03:00 · 2018-08-27 15:24:05 +03:00 · 3d51a93f95
commit 3d51a93f95
parent 4b2948986b a2361789e4
104 changed files with 728 additions and 557 deletions
--- a/app/controllers/admin/api_users_controller.rb
+++ b/app/controllers/admin/api_users_controller.rb
@ -32,7 +32,10 @@ module Admin
    end

    def update
-      params[:api_user].delete(:password) if params[:api_user][:password].blank?
+      if params[:api_user][:plain_text_password].blank?
+        params[:api_user].delete(:plain_text_password)
+      end
+
      if @api_user.update(api_user_params)
        flash[:notice] = I18n.t('record_updated')
        redirect_to [:admin, @api_user]
@ -59,7 +62,7 @@ module Admin
    end

    def api_user_params
-      params.require(:api_user).permit(:username, :password, :active,
+      params.require(:api_user).permit(:username, :plain_text_password, :active,
                                       :registrar_id, :registrar_typeahead,
                                       :identity_code, { roles: [] })
    end
--- a/app/controllers/admin/base_controller.rb
+++ b/app/controllers/admin/base_controller.rb
@ -1,10 +1,20 @@
 module Admin
  class BaseController < ApplicationController
-    before_action :authenticate_user!
+    before_action :authenticate_admin_user!
    helper_method :head_title_sufix

    def head_title_sufix
      t(:admin_head_title_sufix)
    end
+
+    private
+
+    def current_ability
+      @current_ability ||= Ability.new(current_admin_user)
+    end
+
+    def user_for_paper_trail
+      current_admin_user ? current_admin_user.id_role_username : 'anonymous'
+    end
  end
-end
+end
--- a/app/controllers/admin/dashboard_controller.rb
+++ b/app/controllers/admin/dashboard_controller.rb
@ -0,0 +1,7 @@
+module Admin
+  class DashboardController < BaseController
+    authorize_resource class: false
+
+    def show; end
+  end
+end
--- a/app/controllers/admin/dashboards_controller.rb
+++ b/app/controllers/admin/dashboards_controller.rb
@ -1,9 +0,0 @@
-module Admin
-  class DashboardsController < BaseController
-    authorize_resource class: false
-
-    def show
-      redirect_to [:admin, :domains] if can? :show, Domain
-    end
-  end
-end
--- a/app/controllers/admin/pending_deletes_controller.rb
+++ b/app/controllers/admin/pending_deletes_controller.rb
@ -6,7 +6,7 @@ module Admin
    def update
      authorize! :update, :pending

-      if registrant_verification.domain_registrant_delete_confirm!("admin #{current_user.username}")
+      if registrant_verification.domain_registrant_delete_confirm!("admin #{current_admin_user.username}")
        redirect_to admin_domain_path(@domain.id), notice: t(:pending_applied)
      else
        redirect_to admin_domain_path(@domain.id), alert: t(:failure)
@ -16,7 +16,7 @@ module Admin
    def destroy
      authorize! :destroy, :pending

-      if registrant_verification.domain_registrant_delete_reject!("admin #{current_user.username}")
+      if registrant_verification.domain_registrant_delete_reject!("admin #{current_admin_user.username}")
        redirect_to admin_domain_path(@domain.id), notice: t(:pending_removed)
      else
        redirect_to admin_domain_path(@domain.id), alert: t(:failure)
--- a/app/controllers/admin/pending_updates_controller.rb
+++ b/app/controllers/admin/pending_updates_controller.rb
@ -6,7 +6,7 @@ module Admin
    def update
      authorize! :update, :pending

-      if registrant_verification.domain_registrant_change_confirm!("admin #{current_user.username}")
+      if registrant_verification.domain_registrant_change_confirm!("admin #{current_admin_user.username}")
        redirect_to admin_domain_path(@domain.id), notice: t(:pending_applied)
      else
        redirect_to edit_admin_domain_path(@domain.id), alert: t(:failure)
@ -15,7 +15,7 @@ module Admin

    def destroy
      authorize! :destroy, :pending
-      if registrant_verification.domain_registrant_change_reject!("admin #{current_user.username}")
+      if registrant_verification.domain_registrant_change_reject!("admin #{current_admin_user.username}")
        redirect_to admin_domain_path(@domain.id), notice: t(:pending_removed)
      else
        redirect_to admin_domain_path(@domain.id), alert: t(:failure)
--- a/app/controllers/admin/sessions_controller.rb
+++ b/app/controllers/admin/sessions_controller.rb
@ -1,28 +1,17 @@
 module Admin
  class SessionsController < Devise::SessionsController
-    skip_authorization_check only: :create
+    private

-    def login
-      @admin_user = AdminUser.new
+    def after_sign_in_path_for(_resource_or_scope)
+      admin_domains_path
    end

-    def create
-      if params[:admin_user].blank?
-        @admin_user = AdminUser.new
-        flash[:alert] = 'Something went wrong'
-        return render 'login'
-      end
+    def after_sign_out_path_for(_resource_or_scope)
+      new_admin_user_session_path
+    end

-      @admin_user = AdminUser.find_by(username: params[:admin_user][:username])
-      @admin_user ||= AdminUser.new(username: params[:admin_user][:username])
-
-      if @admin_user.valid_password?(params[:admin_user][:password])
-        sign_in @admin_user, event: :authentication
-        redirect_to admin_root_url, notice: I18n.t(:welcome)
-      else
-        flash[:alert] = 'Authorization error'
-        render 'login'
-      end
+    def user_for_paper_trail
+      current_admin_user ? current_admin_user.id_role_username : 'anonymous'
    end
  end
-end
+end