Merge branch 'master' of github.com:internetee/registry

Andres Keskküla 2014-12-19 13:47:17 +02:00
commit e33ab4dce9
44 changed files with 238 additions and 150 deletions


@ -1,4 +1,5 @@
class Admin::ContactsController < AdminController
load_and_authorize_resource
before_action :set_contact, only: [:show]
def index
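Review bot: `load_and_authorize_resource` is declared ahead of `before_action :set_contact`, so CanCan loads and authorizes its own `@contact` and the callback then presumably assigns the instance variable a second time (the body of `set_contact` is outside this hunk, so confirm). With the unconditional `can :manage, Contact` in this commit both lookups pass, but once an ability carries conditions, the record that was authorized and the record the action uses can differ. Either drop the `set_*` callbacks and use the resource CanCan loaded, or keep them and declare only `authorize_resource` after the callback so the check runs on the object the action works with. The same pairing appears in the Domains, EppUsers, Registrars, Settings, Users and ZonefileSettings controllers in this commit.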


@ -0,0 +1,5 @@
class Admin::DashboardsController < AdminController
authorize_resource class: false
def show; end
end


@ -1,4 +1,6 @@
class Admin::DelayedJobsController < AdminController
authorize_resource class: false
def index
@jobs = Delayed::Job.all
end


@ -1,4 +1,6 @@
class Admin::DomainVersionsController < AdminController
load_and_authorize_resource
def index
@q = DomainVersion.deleted.search(params[:q])
@domains = @q.result.page(params[:page])


@ -1,4 +1,5 @@
class Admin::DomainsController < AdminController
load_and_authorize_resource
before_action :set_domain, only: [:show, :edit, :update, :zonefile]
def index


@ -1,4 +1,5 @@
class Admin::EppUsersController < AdminController
load_and_authorize_resource
before_action :set_epp_user, only: [:show, :edit, :update, :destroy]
def index


@ -1,4 +1,5 @@
class Admin::RegistrarsController < AdminController
load_and_authorize_resource
before_action :set_registrar, only: [:show, :edit, :update, :destroy]
def search
render json: Registrar.search_by_query(params[:q])


@ -1,4 +1,5 @@
class Admin::SettingsController < AdminController
load_and_authorize_resource
before_action :set_setting_group, only: [:show, :update]
def index
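Review bot: `load_and_authorize_resource` infers the model from the controller name, which here would be `Setting`, while the callback on the next line is named `set_setting_group`. If `params[:id]` on `show` and `update` identifies a setting group (the callback body is not visible in this hunk), CanCan will look up a `Setting` with that id and either fail the lookup or authorize an unrelated row. Declaring only `authorize_resource`, or passing the `class:` option with the model that `set_setting_group` actually loads, would keep the check on the record the action uses.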


@ -1,4 +1,5 @@
class Admin::UsersController < AdminController
load_and_authorize_resource
before_action :set_user, only: [:show, :edit, :update, :destroy]
def index
@ -54,6 +55,6 @@ class Admin::UsersController < AdminController
def user_params
params.require(:user).permit(:username, :password, :identity_code, :email,
:admin, :country_id)
:role_id, :country_id)
end
end
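Review bot: `user_params` now permits `:role_id` next to the profile fields, and the role is what `Ability` keys every admin permission on, so this permit list decides who can hand out the `admin` role. That is safe only while `can :manage, User` stays limited to the admin role; a later grant of `:update` on `User` to any other role would let that role promote itself. Consider adding the attribute conditionally, e.g. `permitted << :role_id if can?(:manage, User)`, or at least a comment above the method such as `# role_id is privilege-bearing: keep it out of any non-admin update path`. It is also worth confirming that the `admin` attribute, which appears to be dropped from the list here, is no longer read elsewhere.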


@ -1,4 +1,5 @@
class Admin::ZonefileSettingsController < ApplicationController
load_and_authorize_resource
before_action :set_zonefile_setting, only: [:update, :edit]
def index
@zonefile_settings = ZonefileSetting.all
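Review bot: This controller, like `Admin::ZonefilesController` in the next section, inherits from `ApplicationController` rather than `AdminController`, so the `check_authorization` safety net this commit adds to `AdminController` covers neither of them. Authorization here depends entirely on the `load_and_authorize_resource` / `authorize_resource class: false` lines staying in place and on no action ever being excluded from them. Changing the superclass, `class Admin::ZonefileSettingsController < AdminController`, would make a missing authorize call fail loudly instead of silently serving the request. The class body continues past this hunk.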


@ -1,8 +1,7 @@
class Admin::ZonefilesController < ApplicationController
authorize_resource class: false
# TODO: Refactor this
# rubocop:disable Metrics/MethodLength
def index
end
def create
if ZonefileSetting.pluck(:origin).include?(params[:origin])


@ -1,7 +1,3 @@
class AdminController < ApplicationController
# before_action :verify_admin
def verify_admin
redirect_to client_root_path unless current_user.try(:admin?)
end
check_authorization
end


@ -14,3 +14,9 @@ class ApplicationController < ActionController::Base
admin_root_path
end
end
class ApplicationController < ActionController::Base
rescue_from CanCan::AccessDenied do |exception|
redirect_to admin_dashboard_path, alert: exception.message
end
end
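Review bot: The `rescue_from CanCan::AccessDenied` handler sends every denial to `admin_dashboard_path`, but the dashboard is itself guarded by `authorize_resource class: false` and the rule for it is `can :show, :dashboard if user.persisted?`. A request that reaches CanCan without a persisted user would be denied on the dashboard as well and be redirected to the same URL again; unless authentication is enforced earlier in the filter chain (not visible here), such users should go to the login page, e.g. `redirect_to(current_user ? admin_dashboard_path : <login path>, alert: exception.message)`. The handler is also added by reopening `class ApplicationController` a second time in the same file, which looks like a merge artifact; moving it into the first class body keeps the controller's filters in one place.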


@ -8,8 +8,6 @@ class SessionsController < Devise::SessionsController
return redirect_to :back, alert: 'No user' if @user.blank?
session[:current_user_registrar_id] = Registrar.first.id if @user.admin?
flash[:notice] = I18n.t('shared.welcome')
sign_in_and_redirect @user, event: :authentication
# end
@ -18,10 +16,4 @@ class SessionsController < Devise::SessionsController
def login
render 'layouts/login', layout: false
end
def switch_registrar
authorize! :switch, :registrar
session[:current_user_registrar_id] = params[:registrar_id]
redirect_to client_root_path
end
end


@ -8,38 +8,33 @@ class Ability
user ||= User.new
if Rails.env.production?
case REGISTRY_ENV
when :eedirekt
can :view, :eedirekt
can :create, :session
admin = false
when :registrar
can :view, :registrar
can :create, :session
admin = false
when :admin
can :create, :admin_session
admin = user.admin?
end
else
can :create, :session
can :create, :admin_session
admin = user.admin?
admin_role = (user.role.try(:code) == 'admin')
user_role = (user.role.try(:code) == 'user')
customer_service_role = (user.role.try(:code) == 'customer_service')
no_role = user.role.nil?
if admin_role
can :manage, Domain
can :manage, Contact
can :manage, Registrar
can :manage, Setting
can :manage, ZonefileSetting
can :manage, DomainVersion
can :manage, User
can :manage, EppUser
can :index, :delayed_job
can :create, :zonefile
can :access, :settings_menu
elsif customer_service_role
can :manage, Domain
can :manage, Contact
can :manage, Registrar
elsif user_role
elsif no_role
can :show, :dashboard
end
if admin
can :manage, Domain
can :switch, :registrar
can :crud, DomainTransfer
can :approve_as_client, DomainTransfer, status: DomainTransfer::PENDING
elsif user.persisted?
can :manage, Domain, registrar_id: user.registrar.id
can :read, DomainTransfer, transfer_to_id: user.registrar.id
can :read, DomainTransfer, transfer_from_id: user.registrar.id
can :approve_as_client, DomainTransfer,
transfer_from_id: user.registrar.id, status: DomainTransfer::PENDING
end
can :show, :dashboard if user.persisted?
# Define abilities for the passed in user here. For example:
#
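Review bot: The `customer_service` branch grants `can :manage` on `Domain`, `Contact` and `Registrar`, and `:manage` in CanCan covers every action, including `destroy` and custom ones such as the `zonefile` action listed in `Admin::DomainsController`. If the role is meant for day-to-day support, list the actions explicitly, e.g. `can [:read, :update], Domain`. The registrar-scoped rules (`registrar_id: user.registrar.id`) appear to be on the removed side of this hunk, although the rendered page has lost the `+`/`-` markers, so confirm that no registrar-facing user still relies on them. The empty `elsif user_role` and `elsif no_role` branches grant nothing and would read better as a single comment saying that other roles get only the dashboard. `initialize` starts and ends outside the hunk.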


@ -3,4 +3,10 @@ class Role < ActiveRecord::Base
# rubocop: disable Rails/HasAndBelongsToMany
has_and_belongs_to_many :rights
# rubocop: enbale Rails/HasAndBelongsToMany
validates :code, uniqueness: true
def to_s
code
end
end
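Review bot: `validates :code, uniqueness: true` accepts a blank `code`, yet `Ability` matches on the exact strings `'admin'`, `'user'` and `'customer_service'`, and `to_s` returns `code` for display. A role saved without a code would match none of those branches and render as an empty label; `validates :code, presence: true, uniqueness: true` closes that gap. A uniqueness validation is also racy without a unique index on the column, so check that the accompanying migration adds one (not visible on this page). The directive `# rubocop: enbale Rails/HasAndBelongsToMany` in the context lines is misspelled, so the cop is never switched back on.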


@ -33,7 +33,7 @@
- @domains.each do |x|
%tr
%td= link_to(x, admin_domain_path(x))
%td= link_to(x.registrar, root_path) if x.registrar
%td= link_to(x.registrar, admin_registrar_path(x.registrar)) if x.registrar
%td= link_to(x.owner_contact, [:admin, x.owner_contact])
%td= l(x.valid_to, format: :short)
.row


@ -21,15 +21,14 @@
= f.label :identity_code
= f.text_field(:identity_code, class: 'form-control')
.col-md-6.text-left
.col-md-6
.form-group
= f.label :email
= f.text_field(:email, class: 'form-control')
.form-group
.checkbox
%label{for: 'user_admin'}
= f.check_box(:admin, class: 'js-admin')
= t('shared.admin')
= f.label :role_id
= f.select(:role_id, Role.all.map {|x| [t(x.code), x.id] }, {}, { class: 'form-control selectize' })
%hr
.row
.col-md-12.text-right


@ -18,14 +18,17 @@
%th{class: 'col-xs-2'}
= sort_link(@q, 'identity_code', t('shared.identity_code'))
%th{class: 'col-xs-2'}
= sort_link(@q, 'admin', t('shared.admin'))
= sort_link(@q, 'role', t('role'))
%tbody
- @users.each do |x|
%tr
%td= link_to(x, [:admin, x])
%td= x.email
%td= x.identity_code
%td= x.admin
- if x.role
%td= t(x.role)
- else
%td
.row
.col-md-12
= paginate @users
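Review bot: `t(x.role)` passes the `Role` record itself as the translation key and works only because `Role#to_s` returns `code`, whereas the user form in this commit calls `t(x.code)`. Writing `%td= t(x.role.code)` makes the key explicit and keeps the two views consistent; the same applies to `t(@user.role)` in the show view. Role codes are database values used as top-level I18n keys, so a code without a locale entry will render a missing-translation marker; a dedicated scope, e.g. `t(x.role.code, scope: :roles)`, would keep them from colliding with other keys.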


@ -39,5 +39,8 @@
%dt= t('shared.email')
%dd= @user.email
%dt= t('shared.admin')
%dd= @user.admin
%dt= t('role')
- if @user.role
%dd= t(@user.role)
- else
%dd


@ -1,9 +0,0 @@
.row
.col-sm-12
%h2.text-center-xs
= "#{t('zonefile')}"
%hr
.row
.col-md-12
= preserve do
%pre= @zonefile


@ -26,21 +26,22 @@
%li= link_to t('shared.domains'), admin_domains_path
%li= link_to t('shared.contacts'), admin_contacts_path
%li= link_to t('shared.registrars'), admin_registrars_path
%li.dropdown
%a.dropdown-toggle{"data-toggle" => "dropdown", href: "#"}
= t('shared.settings')
%span.caret
%ul.dropdown-menu{role: "menu"}
%li.dropdown-header= t('shared.system')
%li= link_to t('shared.settings'), admin_settings_path
%li= link_to t('zonefile'), admin_zonefile_settings_path
%li= link_to t(:domains_history), admin_domain_versions_path
%li= link_to t(:background_jobs), admin_delayed_jobs_path
- if can?(:access, :settings_menu)
%li.dropdown
%a.dropdown-toggle{"data-toggle" => "dropdown", href: "#"}
= t('shared.settings')
%span.caret
%ul.dropdown-menu{role: "menu"}
%li.dropdown-header= t('shared.system')
%li= link_to t('shared.settings'), admin_settings_path
%li= link_to t('zonefile'), admin_zonefile_settings_path
%li= link_to t(:domains_history), admin_domain_versions_path
%li= link_to t(:background_jobs), admin_delayed_jobs_path
%li.divider
%li.dropdown-header= t('shared.users')
%li= link_to t(:admin_users), admin_users_path
%li= link_to t(:epp_users), admin_epp_users_path
%li.divider
%li.dropdown-header= t('shared.users')
%li= link_to t(:admin_users), admin_users_path
%li= link_to t(:epp_users), admin_epp_users_path
%ul.nav.navbar-nav.navbar-right
%li= link_to t('shared.log_out', user: current_user), '/logout'
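Review bot: `can?(:access, :settings_menu)` gates the whole dropdown on a synthetic ability that only the admin branch of `Ability` grants, so the menu's visibility is maintained separately from the permissions of the controllers it links to. Hiding the links is cosmetic; the authorize calls in each controller remain the real check, and a role later given, say, `can :read, Setting` would still not see its link. Gating each entry on the ability its target enforces, such as `- if can?(:read, Setting)` around the settings link, keeps the two from drifting apart.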


@ -21,9 +21,8 @@
%h2.form-signin-heading.text-center Eesti Interneti SA
%hr
/ TODO: Refactor this when ID card login is done
- if can? :create, :admin_session
= button_to 'ID card (user1)', 'sessions',
class: 'btn btn-lg btn-primary btn-block', name: 'user1'
= button_to 'ID card (user2)', 'sessions',
class: 'btn btn-lg btn-primary btn-block', name: 'user2'
= button_to 'ID card (user1)', 'sessions',
class: 'btn btn-lg btn-primary btn-block', name: 'user1'
= button_to 'ID card (user2)', 'sessions',
class: 'btn btn-lg btn-primary btn-block', name: 'user2'
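Review bot: Dropping the `can? :create, :admin_session` guard makes the `ID card (user1)` / `ID card (user2)` buttons render for every visitor in every environment, and the `SessionsController` lines shown earlier in this commit call `sign_in_and_redirect @user` with no credential check visible. The `Ability` code that appears to be removed in the same commit was what limited session creation per `REGISTRY_ENV` in production. Until the ID-card login mentioned in the TODO exists, keep the buttons behind an environment check, e.g. `- unless Rails.env.production?` as the first line of this block, and apply the same condition in the controller action so the endpoint is not usable without the button.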