Add admin controller

Trevor Vallender 2024-05-26 10:34:09 +01:00
parent 72bee55d7e
commit 716176a1b8
10 changed files with 63 additions and 1 deletions


@ -0,0 +1,14 @@
class AdminController < ApplicationController
layout "admin"
before_action :authenticate_user_as_admin
def index
end
private
def authenticate_user_as_admin
head :forbidden unless Current.user&.admin?
end
end
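Review bot: The denial branch in `authenticate_user_as_admin` answers 403 without leaving any record, so a signed-in non-admin repeatedly probing the admin area would not show up in the logs. Consider logging the refusal before responding, e.g. `Rails.logger.warn "Admin access denied: user_id=#{Current.user&.id} path=#{request.path}"`. A comment above `before_action :authenticate_user_as_admin` would also help, saying that the check presumably runs after the `authenticate` callback inherited from ApplicationController (the not-signed-in test expects a redirect to the login page rather than a 403), so that nobody reorders or skips that callback by accident.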


@ -4,7 +4,6 @@ class ApplicationController < ActionController::Base
private private
def authenticate def authenticate
Rails.logger.error "Session: #{session.inspect}"
if authenticated_user = User.find_by(id: session[:user_id]) if authenticated_user = User.find_by(id: session[:user_id])
Current.user = authenticated_user Current.user = authenticated_user
else else


@ -0,0 +1 @@
<%= t(".intro") %>


@ -0,0 +1,9 @@
<% content_for :submenu do %>
<h2><%= t("administration") %>: <%= content_for :title %></h2>
<nav>
<ul>
</ul>
</nav>
<% end %>
<%= render template: "layouts/application" %>
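Review bot: The `<h2>` prints `content_for :title` unconditionally, while the admin index view added in this commit contains only `t(".intro")`. Unless the title is set somewhere outside this diff, the heading would read "Administration: " with nothing after the colon. Guarding the suffix, e.g. `<% if content_for?(:title) %>: <%= content_for :title %><% end %>`, keeps the heading clean when a view sets no title.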


@ -19,6 +19,9 @@
<ul> <ul>
<% if logged_in? %> <% if logged_in? %>
<li><%= link_to t("log_out"), logout_path, data: {turbo_method: :delete} %></li> <li><%= link_to t("log_out"), logout_path, data: {turbo_method: :delete} %></li>
<% if Current.user.admin? %>
<li><%= link_to t("administration"), admin_index_path %></li>
<% end %>
<% else %> <% else %>
<li><%= link_to t("log_in"), login_path %></li> <li><%= link_to t("log_in"), login_path %></li>
<li><%= link_to t("sign_up"), new_user_path %></li> <li><%= link_to t("sign_up"), new_user_path %></li>
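Review bot: `Current.user.admin?` in the new `<% if %>` is called without the nil guard that AdminController uses (`Current.user&.admin?`), so the layout relies on `logged_in?` always implying that `Current.user` is set. `logged_in?` is defined outside this hunk; if it is driven by the session rather than by `Current.user`, a stale session would raise here on every page that uses the layout. Writing `<% if Current.user&.admin? %>` keeps the two checks consistent. The link itself is only a convenience, since access is still decided by the controller's `before_action`.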


@ -1,5 +1,6 @@
en: en:
site_name: Tabletop Companion site_name: Tabletop Companion
administration: Administration
log_in: Log in log_in: Log in
log_out: Log out log_out: Log out
sign_up: Sign up sign_up: Sign up
@ -15,6 +16,9 @@ en:
show: show:
success: "Thanks for verifying your email address! You can now log in." success: "Thanks for verifying your email address! You can now log in."
error: "Invalid token, could not verify your account." error: "Invalid token, could not verify your account."
admin:
index:
intro: With great power comes great responsibility
sessions: sessions:
create: create:
success: "Hello, %{name}!" success: "Hello, %{name}!"


@ -12,5 +12,7 @@ Rails.application.routes.draw do
resources :tables, only: [ :index ] resources :tables, only: [ :index ]
resources :admin, only: [ :index ]
get "up" => "rails/health#show", as: :rails_health_check get "up" => "rails/health#show", as: :rails_health_check
end end


@ -0,0 +1,20 @@
require "test_helper"
class AdminControllerTest < ActionDispatch::IntegrationTest
test "should get index if signed in as admin" do
sign_in users(:admin)
get admin_index_url
assert_response :success
end
test "should not get index if signed in as non-admin user" do
sign_in users(:trevor)
get admin_index_url
assert_response :forbidden
end
test "should not get index if not signed in" do
get admin_index_url
assert_redirected_to login_path
end
end


@ -16,6 +16,12 @@ unverified:
last_name: User last_name: User
verified: false verified: false
admin:
<<: *DEFAULTS
first_name: Admin
last_name: User
site_roles: admin
<% 1.upto(10) do |i| %> <% 1.upto(10) do |i| %>
user_<%= i %>: user_<%= i %>:
<<: *DEFAULTS <<: *DEFAULTS


@ -21,5 +21,9 @@ module ActiveSupport
def attr_name(klass, attr) def attr_name(klass, attr)
klass.human_attribute_name(attr) klass.human_attribute_name(attr)
end end
def sign_in(user, password: "password")
post sessions_path, params: { username: user.username, password: password }
end
end end
end end
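Review bot: `sign_in` posts the credentials but never checks that the login worked, so a fixture or password mismatch leaves the test running unauthenticated, and a test that expects a denial could then pass for the wrong reason. Adding an assertion after the `post`, for example `assert_equal user.id, session[:user_id]` (the key `authenticate` reads in ApplicationController), makes the helper fail loudly instead. A short comment noting that the default `"password"` presumably matches the fixture defaults would also help. The enclosing module starts outside the hunk.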