Use our `AdminConstraint` to simplify auth

.rubocop.yml

@@ -0,0 +1,113 @@
+AllCops:
+  TargetRubyVersion: 2.4
+  DisabledByDefault: true
+  Exclude:
+    - 'db/schema.rb'
+    - 'bundle/**/*'
+    - 'vendor/**/*'
+    - 'node_modules/**/*'
+    - 'public/**/*'
+
+# Prefer &&/|| over and/or.
+Style/AndOr:
+  Enabled: true
+
+# Do not use braces for hash literals when they are the last argument of a
+# method call.
+Style/BracesAroundHashParameters:
+  Enabled: true
+
+# Align `when` with `case`.
+Layout/CaseIndentation:
+  Enabled: true
+
+# Align comments with method definitions.
+Layout/CommentIndentation:
+  Enabled: true
+
+# No extra empty lines.
+Layout/EmptyLines:
+  Enabled: true
+
+# Use Ruby >= 1.9 syntax for hashes. Prefer { a: :b } over { :a => :b }.
+Style/HashSyntax:
+  Enabled: true
+
+# Two spaces, no tabs (for indentation).
+Layout/IndentationWidth:
+  Enabled: true
+
+Layout/SpaceAfterColon:
+  Enabled: true
+
+Layout/SpaceAfterComma:
+  Enabled: true
+
+Layout/SpaceAroundEqualsInParameterDefault:
+  Enabled: true
+
+Layout/SpaceAroundKeyword:
+  Enabled: true
+
+Layout/SpaceAroundOperators:
+  Enabled: true
+
+Layout/SpaceBeforeFirstArg:
+    Enabled: true
+
+# Defining a method with parameters needs parentheses.
+Style/MethodDefParentheses:
+  Enabled: true
+
+# Use `foo {}` not `foo{}`.
+Layout/SpaceBeforeBlockBraces:
+  Enabled: true
+
+# Use `foo { bar }` not `foo {bar}`.
+Layout/SpaceInsideBlockBraces:
+  Enabled: true
+
+# Use `{ a: 1 }` not `{a:1}`.
+Layout/SpaceInsideHashLiteralBraces:
+  Enabled: true
+
+Layout/SpaceInsideParens:
+  Enabled: true
+
+# Detect hard tabs, no hard tabs.
+Layout/Tab:
+  Enabled: true
+
+# Blank lines should not have any spaces.
+Layout/TrailingBlankLines:
+  Enabled: true
+
+# No trailing whitespace.
+Layout/TrailingWhitespace:
+  Enabled: true
+
+Lint/Debugger:
+  Enabled: true
+
+Layout/BlockAlignment:
+  Enabled: true
+
+# Align `end` with the matching keyword or starting expression except for
+# assignments, where it should be aligned with the LHS.
+Layout/EndAlignment:
+  Enabled: true
+  EnforcedStyleAlignWith: variable
+
+# Use my_method(my_arg) not my_method( my_arg ) or my_method my_arg.
+Lint/RequireParentheses:
+  Enabled: true
+
+Layout/MultilineMethodCallIndentation:
+  Enabled: true
+  EnforcedStyle: indented
+
+Layout/AlignHash:
+  Enabled: true
+
+Bundler/OrderedGems:
+  Enabled: false

app/controllers/docker_manager/application_controller.rb

@@ -4,7 +4,6 @@ module DockerManager
 
     include CurrentUser
 
-    before_action :ensure_admin
     protect_from_forgery
 
     def handle_unverified_request
@@ -13,12 +12,5 @@ module DockerManager
       render plain: "['BAD CSRF']", status: 403
     end
 
-    protected
-
-    def ensure_admin
-      return redirect_to '/login' if !current_user
-      return render(plain: I18n.t('invalid_access'), status: 404) if !current_user.admin?
-    end
-
   end
 end

config/routes.rb

@@ -1,13 +1,13 @@
 DockerManager::Engine.routes.draw do
-  get "admin/docker", to: redirect("/admin/upgrade")
-  get "admin/upgrade" => "admin#index"
-  get "admin/docker/repos" => "admin#repos"
-  get "admin/docker/latest" => "admin#latest"
-  get "admin/docker/progress" => "admin#progress"
-  get "admin/docker/ps" => "admin#ps"
-  post "admin/docker/upgrade" => "admin#upgrade"
-  delete "admin/docker/upgrade" => "admin#reset_upgrade"
-  get "admin/docker/runaway_cpu" => "admin#runaway_cpu"
-  get "admin/docker/runaway_mem" => "admin#runaway_mem"
-  get 'admin/docker/csrf' => 'admin#csrf'
+  get "admin/docker", to: redirect("/admin/upgrade"), constraints: AdminConstraint.new
+  get "admin/upgrade" => "admin#index", constraints: AdminConstraint.new
+  get "admin/docker/repos" => "admin#repos", constraints: AdminConstraint.new
+  get "admin/docker/latest" => "admin#latest", constraints: AdminConstraint.new
+  get "admin/docker/progress" => "admin#progress", constraints: AdminConstraint.new
+  get "admin/docker/ps" => "admin#ps", constraints: AdminConstraint.new
+  post "admin/docker/upgrade" => "admin#upgrade", constraints: AdminConstraint.new
+  delete "admin/docker/upgrade" => "admin#reset_upgrade", constraints: AdminConstraint.new
+  get "admin/docker/runaway_cpu" => "admin#runaway_cpu", constraints: AdminConstraint.new
+  get "admin/docker/runaway_mem" => "admin#runaway_mem", constraints: AdminConstraint.new
+  get 'admin/docker/csrf' => 'admin#csrf', constraints: AdminConstraint.new
 end

spec/requests/admin_controller_spec.rb

@@ -2,22 +2,19 @@ require 'rails_helper'
 
 RSpec.describe DockerManager::AdminController do
   describe 'anonymous user' do
-    it 'should redirect to login page' do
+    it 'should be a 404' do
       get '/admin/upgrade'
 
-      expect(response.status).to eq(302)
-      expect(response).to redirect_to('/login')
+      expect(response.status).to eq(404)
     end
   end
 
   describe 'when user is not an admin' do
-    it 'should redirect to login page' do
+    it 'should 404' do
       sign_in(Fabricate(:user))
 
       get '/admin/upgrade'
-
       expect(response.status).to eq(404)
-      expect(response.body).to eq(I18n.t('invalid_access'))
     end
   end
 
@@ -26,7 +23,6 @@ RSpec.describe DockerManager::AdminController do
       sign_in(Fabricate(:admin))
 
       get '/admin/upgrade'
-
       expect(response.status).to eq(200)
     end
   end
@@ -36,11 +32,8 @@ RSpec.describe DockerManager::AdminController do
       sign_in(Fabricate(:admin))
 
       get '/admin/docker/repos'
-
       expect(response.status).to eq(200)
-
       body = JSON.parse(response.body)
-
       expect(body["repos"].first["official"]).to eq(false)
     end
   end