From 61e2ea9823cd912a28554acee76f2983a88aee4a Mon Sep 17 00:00:00 2001
From: Priit Tamboom
Date: Wed, 8 Oct 2014 15:09:50 +0300
Subject: [PATCH] Refactored to use abilites for login
---
 app/controllers/application_controller.rb | 8 +++++---
 app/models/ability.rb | 18 +++++++++++++-----
 app/views/layouts/login.haml | 11 +++++++----
 3 files changed, 25 insertions(+), 12 deletions(-)
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index 2ec156254..8a8397ab8 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -10,10 +10,12 @@ class ApplicationController < ActionController::Base
 end
 def after_sign_in_path_for(resource)
- if REGISTRY_ENV == :admin && resource.admin?
- (session[:user_return_to].nil?) ? admin_root_path : session[:user_return_to].to_s
+ return session[:user_return_to].to_s if session[:user_return_to]
+
+ if resource.admin? && can?(:create, :admin_session)
+ admin_root_path
 else
- (session[:user_return_to].nil?) ? client_root_path : session[:user_return_to].to_s
+ client_root_path
 end
 end
 end
diff --git a/app/models/ability.rb b/app/models/ability.rb
index bd4e24dde..418515bbe 100644
--- a/app/models/ability.rb
+++ b/app/models/ability.rb
@@ -7,14 +7,22 @@ class Ability
 user ||= User.new
- # public user abilites
- can :create, :session
-
- if REGISTRY_ENV == :admin
+ if Rails.env.production?
+ case REGISTRY_ENV
+ when :client
+ can :create, :session
+ admin = false
+ when :admin
+ can :create, :admin_session
+ admin = user.admin?
+ end
+ else
+ can :create, :session
 can :create, :admin_session
+ admin = user.admin?
 end
- if (Rails.env.production? ? REGISTRY_ENV == :admin && user.admin? : user.admin?)
+ if admin
 can :manage, Domain
 can :switch, :registrar
 can :crud, DomainTransfer
diff --git a/app/views/layouts/login.haml b/app/views/layouts/login.haml
index 93634d9ae..4e3bbf69f 100644
--- a/app/views/layouts/login.haml
+++ b/app/views/layouts/login.haml
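Review bot: In app/controllers/application_controller.rb, the new first line of `after_sign_in_path_for` returns `session[:user_return_to].to_s` for every user before any role or ability check, and it neither clears the key nor checks that the value is a local path. Where the key is written is not visible in this hunk; if it is Devise's stored location, `stored = stored_location_for(resource)` followed by `return stored if stored` reads and deletes it in one step, so a stale path cannot steer a later sign-in in the same session. The pages the stored path may point to still need their own authorization, since this method only picks a redirect target.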
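Review bot: In app/models/ability.rb, the outer `else` branch applies to every environment that is not `production`, so a staging or other non-production deployment grants both `:session` and `:admin_session`, plus the admin abilities for any `user.admin?`, regardless of `REGISTRY_ENV`. If only local development is meant to bypass the split, the condition should say so explicitly (for example by testing `Rails.env.development?` with the branches swapped) so other environments keep the `REGISTRY_ENV` separation. The `case REGISTRY_ENV` also has no `else`: an unexpected value leaves `admin` nil and grants no login ability, which fails closed but silently, so `else raise "unexpected REGISTRY_ENV: #{REGISTRY_ENV.inspect}"` would surface a misconfiguration. The enclosing method starts and ends outside the hunk.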
@@ -21,8 +21,11 @@
 %h2.form-signin-heading.text-center Eesti Interneti SA
 %hr
 / TODO: Refactor this when ID card login is done
- - if Rails.env.development? || (can? :create, :admin_session)
- = button_to 'ID card (gitlab)', 'sessions', class: 'btn btn-lg btn-primary btn-block', name: 'gitlab'
+ - if can? :create, :admin_session
+ = button_to 'ID card (gitlab)', 'sessions',
+ class: 'btn btn-lg btn-primary btn-block', name: 'gitlab'
 - if can? :create, :session
- = button_to 'ID card (zone)', 'sessions', class: 'btn btn-lg btn-primary btn-block', name: 'zone'
- = button_to 'ID card (elkdata)', 'sessions', class: 'btn btn-lg btn-primary btn-block', name: 'elkdata'
+ = button_to 'ID card (zone)', 'sessions',
+ class: 'btn btn-lg btn-primary btn-block', name: 'zone'
+ = button_to 'ID card (elkdata)', 'sessions',
+ class: 'btn btn-lg btn-primary btn-block', name: 'elkdata'
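Review bot: The `can? :create, :admin_session` check in this layout only decides whether the `gitlab` button is rendered; all three buttons post to the same `'sessions'` target and differ only in their `name`, so the view alone does not stop a request that carries `gitlab` on an instance where the button is hidden. The sessions controller is not part of this commit, so whether it re-checks the ability is not visible here. If it does not, `authorize! :create, :admin_session` in the branch that handles `gitlab` (and `authorize! :create, :session` for the other two) would enforce the same rule server-side.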