Merge branch 'master' of github.com:domify/registry

2025-07-26 04:28:27 +02:00 · 2015-05-20 21:24:39 +03:00 · 2015-05-20 21:24:39 +03:00 · 6725b3cadc
commit 6725b3cadc
parent 45d62b8f6e 17bf5c373e
14 changed files with 96 additions and 33 deletions
--- a/app/controllers/admin/api_users_controller.rb
+++ b/app/controllers/admin/api_users_controller.rb
@ -55,6 +55,8 @@ class Admin::ApiUsersController < AdminController
  end

  def api_user_params
-    params.require(:api_user).permit(:username, :password, :active, :registrar_id, :registrar_typeahead, :identity_code)
+    params.require(:api_user).permit(:username, :password, :active, 
+                                     :registrar_id, :registrar_typeahead, 
+                                     :identity_code, { roles: [] })
  end
 end
--- a/app/controllers/registrar/sessions_controller.rb
+++ b/app/controllers/registrar/sessions_controller.rb
@ -35,7 +35,7 @@ class Registrar::SessionsController < Devise::SessionsController
      @api_user = ApiUser.find_by(username: params[:depp_user][:tag])
      if @api_user.active?
        sign_in @api_user
-        redirect_to registrar_root_url
+        redirect_to role_base_root_url(@api_user)
      else
        @depp_user.errors.add(:base, :not_active)
        render 'login'
@ -52,7 +52,7 @@ class Registrar::SessionsController < Devise::SessionsController

    if @user
      sign_in(@user, event: :authentication)
-      redirect_to registrar_root_url
+      redirect_to role_base_root_url(@user)
    else
      flash[:alert] = t('no_such_user')
      redirect_to registrar_login_url
@ -70,7 +70,7 @@ class Registrar::SessionsController < Devise::SessionsController
    if Rails.env.test? && phone == "123"
      @user = ApiUser.find_by(identity_code: "14212128025")
      sign_in(@user, event: :authentication)
-      return redirect_to registrar_root_url
+      return redirect_to role_base_root_url(@user)
    end

    # country_codes = {'+372' => 'EST'}
@ -112,7 +112,7 @@ class Registrar::SessionsController < Devise::SessionsController
      sign_in @user
      flash[:notice] = t(:welcome)
      flash.keep(:notice)
-      render js: "window.location = '#{registrar_root_path}'"
+      render js: "window.location = '#{role_base_root_url(@user)}'"
    when 'NOT_VALID'
      render json: { message: t(:user_signature_is_invalid) }, status: :bad_request
    when 'EXPIRED_TRANSACTION'
@ -145,7 +145,16 @@ class Registrar::SessionsController < Devise::SessionsController
  private

  def check_ip
+    return if Rails.env.development?
    return if WhiteIp.registrar_ip_white?(request.ip)
    render text: t('access_denied') and return
  end
+
+  def role_base_root_url(user)
+    if user.try(:roles) == ['billing']
+      registrar_invoices_url
+    else
+      registrar_root_url
+    end
+  end
 end
--- a/app/controllers/registrar_controller.rb
+++ b/app/controllers/registrar_controller.rb
@ -12,6 +12,11 @@ class RegistrarController < ApplicationController

  def check_ip
    return unless current_user
+    unless current_user.is_a? ApiUser
+      sign_out(current_user)
+      return
+    end
+    return if Rails.env.development?
    return if current_user.registrar.registrar_ip_white?(request.ip)
    flash[:alert] = t('access_denied')
    sign_out(current_user)