Add admin controller

app/controllers/admin_controller.rb

@@ -0,0 +1,14 @@
+class AdminController < ApplicationController
+  layout "admin"
+
+  before_action :authenticate_user_as_admin
+
+  def index
+  end
+
+  private
+
+    def authenticate_user_as_admin
+      head :forbidden unless Current.user&.admin?
+    end
+end

app/controllers/application_controller.rb

@@ -4,7 +4,6 @@ class ApplicationController < ActionController::Base
   private
 
     def authenticate
-      Rails.logger.error "Session: #{session.inspect}"
       if authenticated_user = User.find_by(id: session[:user_id])
         Current.user = authenticated_user
       else

app/views/admin/index.html.erb

@@ -0,0 +1 @@
+<%= t(".intro") %>

app/views/layouts/admin.html.erb

@@ -0,0 +1,9 @@
+<% content_for :submenu do %>
+  <h2><%= t("administration") %>: <%= content_for :title %></h2>
+  <nav>
+    <ul>
+    </ul>
+  </nav>
+<% end %>
+
+<%= render template: "layouts/application" %>

app/views/layouts/application.html.erb

@@ -19,6 +19,9 @@
         <ul>
           <% if logged_in? %>
             <li><%= link_to t("log_out"), logout_path, data: {turbo_method: :delete} %></li>
+            <% if Current.user.admin? %>
+              <li><%= link_to t("administration"), admin_index_path %></li>
+            <% end %>
           <% else %>
             <li><%= link_to t("log_in"), login_path %></li>
             <li><%= link_to t("sign_up"), new_user_path %></li>

config/locales/en.yml

@@ -1,5 +1,6 @@
 en:
   site_name: Tabletop Companion
+  administration: Administration
   log_in: Log in
   log_out: Log out
   sign_up: Sign up
@@ -15,6 +16,9 @@ en:
     show:
       success: "Thanks for verifying your email address! You can now log in."
       error: "Invalid token, could not verify your account."
+  admin:
+    index:
+      intro: With great power comes great responsibility
   sessions:
     create:
       success: "Hello, %{name}!"

config/routes.rb

@@ -12,5 +12,7 @@ Rails.application.routes.draw do
 
   resources :tables, only: [ :index ]
 
+  resources :admin, only: [ :index ]
+
   get "up" => "rails/health#show", as: :rails_health_check
 end

test/controllers/admin_controller_test.rb

@@ -0,0 +1,20 @@
+require "test_helper"
+
+class AdminControllerTest < ActionDispatch::IntegrationTest
+  test "should get index if signed in as admin" do
+    sign_in users(:admin)
+    get admin_index_url
+    assert_response :success
+  end
+
+  test "should not get index if signed in as non-admin user" do
+    sign_in users(:trevor)
+    get admin_index_url
+    assert_response :forbidden
+  end
+
+  test "should not get index if not signed in" do
+    get admin_index_url
+    assert_redirected_to login_path
+  end
+end

test/fixtures/users.yml

@@ -16,6 +16,12 @@ unverified:
   last_name: User
   verified: false
 
+admin:
+  <<: *DEFAULTS
+  first_name: Admin
+  last_name: User
+  site_roles: admin
+
 <% 1.upto(10) do |i| %>
 user_<%= i %>:
   <<: *DEFAULTS

test/test_helper.rb

@@ -21,5 +21,9 @@ module ActiveSupport
     def attr_name(klass, attr)
       klass.human_attribute_name(attr)
     end
+
+    def sign_in(user, password: "password")
+      post sessions_path, params: { username: user.username, password: password }
+    end
   end
 end