Refactor Devise integration

- Use scoped users
- Use the named route helpers instead of hardcoded paths
This commit is contained in:
Artur Beljajev 2018-06-20 12:21:22 +03:00
parent c31f507c25
commit 9684c8e59f
52 changed files with 313 additions and 280 deletions

View file

@ -1,10 +1,20 @@
module Admin
class BaseController < ApplicationController
before_action :authenticate_user!
before_action :authenticate_admin_user!
helper_method :head_title_sufix
def head_title_sufix
t(:admin_head_title_sufix)
end
private
def current_ability
@current_ability ||= Ability.new(current_admin_user)
end
def user_for_paper_trail
current_admin_user.present? ? current_admin_user.id_role_username : 'public'
end
end
end
end

View file

@ -6,7 +6,7 @@ module Admin
def update
authorize! :update, :pending
if registrant_verification.domain_registrant_delete_confirm!("admin #{current_user.username}")
if registrant_verification.domain_registrant_delete_confirm!("admin #{current_admin_user.username}")
redirect_to admin_domain_path(@domain.id), notice: t(:pending_applied)
else
redirect_to admin_domain_path(@domain.id), alert: t(:failure)
@ -16,7 +16,7 @@ module Admin
def destroy
authorize! :destroy, :pending
if registrant_verification.domain_registrant_delete_reject!("admin #{current_user.username}")
if registrant_verification.domain_registrant_delete_reject!("admin #{current_admin_user.username}")
redirect_to admin_domain_path(@domain.id), notice: t(:pending_removed)
else
redirect_to admin_domain_path(@domain.id), alert: t(:failure)

View file

@ -6,7 +6,7 @@ module Admin
def update
authorize! :update, :pending
if registrant_verification.domain_registrant_change_confirm!("admin #{current_user.username}")
if registrant_verification.domain_registrant_change_confirm!("admin #{current_admin_user.username}")
redirect_to admin_domain_path(@domain.id), notice: t(:pending_applied)
else
redirect_to edit_admin_domain_path(@domain.id), alert: t(:failure)
@ -15,7 +15,7 @@ module Admin
def destroy
authorize! :destroy, :pending
if registrant_verification.domain_registrant_change_reject!("admin #{current_user.username}")
if registrant_verification.domain_registrant_change_reject!("admin #{current_admin_user.username}")
redirect_to admin_domain_path(@domain.id), notice: t(:pending_removed)
else
redirect_to admin_domain_path(@domain.id), alert: t(:failure)

View file

@ -1,8 +1,6 @@
module Admin
class SessionsController < Devise::SessionsController
skip_authorization_check only: :create
def login
def new
@admin_user = AdminUser.new
end
@ -10,19 +8,28 @@ module Admin
if params[:admin_user].blank?
@admin_user = AdminUser.new
flash[:alert] = 'Something went wrong'
return render 'login'
return render :new
end
@admin_user = AdminUser.find_by(username: params[:admin_user][:username])
@admin_user ||= AdminUser.new(username: params[:admin_user][:username])
if @admin_user.valid_password?(params[:admin_user][:password])
sign_in @admin_user, event: :authentication
redirect_to admin_root_url, notice: I18n.t(:welcome)
sign_in_and_redirect(:admin_user, @admin_user, event: :authentication)
else
flash[:alert] = 'Authorization error'
render 'login'
render :new
end
end
private
def after_sign_in_path_for(resource_or_scope)
admin_root_path
end
def after_sign_out_path_for(resource_or_scope)
new_admin_user_session_path
end
end
end
end