Use our `AdminConstraint` to simplify auth

This commit is contained in:
Robin Ward 2018-06-15 13:15:34 -04:00
parent 6f0d0ae65f
commit f75ece9a95
4 changed files with 127 additions and 29 deletions

.rubocop.yml Normal file

@ -0,0 +1,113 @@
AllCops:
TargetRubyVersion: 2.4
DisabledByDefault: true
Exclude:
- 'db/schema.rb'
- 'bundle/**/*'
- 'vendor/**/*'
- 'node_modules/**/*'
- 'public/**/*'
# Prefer &&/|| over and/or.
Style/AndOr:
Enabled: true
# Do not use braces for hash literals when they are the last argument of a
# method call.
Style/BracesAroundHashParameters:
Enabled: true
# Align `when` with `case`.
Layout/CaseIndentation:
Enabled: true
# Align comments with method definitions.
Layout/CommentIndentation:
Enabled: true
# No extra empty lines.
Layout/EmptyLines:
Enabled: true
# Use Ruby >= 1.9 syntax for hashes. Prefer { a: :b } over { :a => :b }.
Style/HashSyntax:
Enabled: true
# Two spaces, no tabs (for indentation).
Layout/IndentationWidth:
Enabled: true
Layout/SpaceAfterColon:
Enabled: true
Layout/SpaceAfterComma:
Enabled: true
Layout/SpaceAroundEqualsInParameterDefault:
Enabled: true
Layout/SpaceAroundKeyword:
Enabled: true
Layout/SpaceAroundOperators:
Enabled: true
Layout/SpaceBeforeFirstArg:
Enabled: true
# Defining a method with parameters needs parentheses.
Style/MethodDefParentheses:
Enabled: true
# Use `foo {}` not `foo{}`.
Layout/SpaceBeforeBlockBraces:
Enabled: true
# Use `foo { bar }` not `foo {bar}`.
Layout/SpaceInsideBlockBraces:
Enabled: true
# Use `{ a: 1 }` not `{a:1}`.
Layout/SpaceInsideHashLiteralBraces:
Enabled: true
Layout/SpaceInsideParens:
Enabled: true
# Detect hard tabs, no hard tabs.
Layout/Tab:
Enabled: true
# Blank lines should not have any spaces.
Layout/TrailingBlankLines:
Enabled: true
# No trailing whitespace.
Layout/TrailingWhitespace:
Enabled: true
Lint/Debugger:
Enabled: true
Layout/BlockAlignment:
Enabled: true
# Align `end` with the matching keyword or starting expression except for
# assignments, where it should be aligned with the LHS.
Layout/EndAlignment:
Enabled: true
EnforcedStyleAlignWith: variable
# Use my_method(my_arg) not my_method( my_arg ) or my_method my_arg.
Lint/RequireParentheses:
Enabled: true
Layout/MultilineMethodCallIndentation:
Enabled: true
EnforcedStyle: indented
Layout/AlignHash:
Enabled: true
Bundler/OrderedGems:
Enabled: false
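Review bot: With `DisabledByDefault: true` the Security department (`Security/Eval`, `Security/JSONLoad`, `Security/MarshalLoad`, `Security/YAMLLoad`) stays switched off, so this config enforces layout and `Lint/Debugger` only and would not flag an `eval` or an unsafe deserialization call added to the plugin later. Turning the whole department on is one entry next to the Lint cop: `Security:` / `  Enabled: true`. The nested keys appear at column 0 in this rendering (`TargetRubyVersion: 2.4` directly under `AllCops:`), presumably a display artifact rather than the committed file, since the file would not parse as intended otherwise.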


@ -4,7 +4,6 @@ module DockerManager
include CurrentUser
before_action :ensure_admin
protect_from_forgery
def handle_unverified_request
@ -13,12 +12,5 @@ module DockerManager
render plain: "['BAD CSRF']", status: 403
end
protected
def ensure_admin
return redirect_to '/login' if !current_user
return render(plain: I18n.t('invalid_access'), status: 404) if !current_user.admin?
end
end
end
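Review bot: Dropping `before_action :ensure_admin` together with the `ensure_admin` method leaves this controller with no authorization of its own, so every action is served to whatever request the router lets through; a route added to the engine later without `constraints: AdminConstraint.new` would reach it unauthenticated. Either keep a defence-in-depth guard such as `before_action { raise ActionController::RoutingError, 'Not Found' unless current_user&.admin? }` (`current_user` still comes from the `include CurrentUser` line), or record the dependency where the next maintainer will see it: `# Admin authorization is enforced by AdminConstraint in the engine routes; this controller performs no admin check of its own.` The class header and its closing lines lie outside both hunks, and which lines are removed is inferred from the hunk counts because the rendering dropped the `+`/`-` markers.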


@ -1,13 +1,13 @@
DockerManager::Engine.routes.draw do
get "admin/docker", to: redirect("/admin/upgrade")
get "admin/upgrade" => "admin#index"
get "admin/docker/repos" => "admin#repos"
get "admin/docker/latest" => "admin#latest"
get "admin/docker/progress" => "admin#progress"
get "admin/docker/ps" => "admin#ps"
post "admin/docker/upgrade" => "admin#upgrade"
delete "admin/docker/upgrade" => "admin#reset_upgrade"
get "admin/docker/runaway_cpu" => "admin#runaway_cpu"
get "admin/docker/runaway_mem" => "admin#runaway_mem"
get 'admin/docker/csrf' => 'admin#csrf'
get "admin/docker", to: redirect("/admin/upgrade"), constraints: AdminConstraint.new
get "admin/upgrade" => "admin#index", constraints: AdminConstraint.new
get "admin/docker/repos" => "admin#repos", constraints: AdminConstraint.new
get "admin/docker/latest" => "admin#latest", constraints: AdminConstraint.new
get "admin/docker/progress" => "admin#progress", constraints: AdminConstraint.new
get "admin/docker/ps" => "admin#ps", constraints: AdminConstraint.new
post "admin/docker/upgrade" => "admin#upgrade", constraints: AdminConstraint.new
delete "admin/docker/upgrade" => "admin#reset_upgrade", constraints: AdminConstraint.new
get "admin/docker/runaway_cpu" => "admin#runaway_cpu", constraints: AdminConstraint.new
get "admin/docker/runaway_mem" => "admin#runaway_mem", constraints: AdminConstraint.new
get 'admin/docker/csrf' => 'admin#csrf', constraints: AdminConstraint.new
end
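Review bot: Each of the eleven routes now carries its own `constraints: AdminConstraint.new`, which is easy to forget on the next route added here, and with the controller's `before_action` removed nothing else in the engine enforces admin access. Wrapping the group in one `constraints(AdminConstraint.new) do … end` block applies the guard to every route inside it and leaves a single place to review. `AdminConstraint` is not defined in this diff; presumably it is provided by the host application.
```ruby
DockerManager::Engine.routes.draw do
  constraints(AdminConstraint.new) do
    get "admin/docker", to: redirect("/admin/upgrade")
    get "admin/upgrade" => "admin#index"
    # … unchanged: the remaining admin/docker routes, each without its per-route constraints: option …
    get 'admin/docker/csrf' => 'admin#csrf'
  end
end
```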


@ -2,22 +2,19 @@ require 'rails_helper'
RSpec.describe DockerManager::AdminController do
describe 'anonymous user' do
it 'should redirect to login page' do
it 'should be a 404' do
get '/admin/upgrade'
expect(response.status).to eq(302)
expect(response).to redirect_to('/login')
expect(response.status).to eq(404)
end
end
describe 'when user is not an admin' do
it 'should redirect to login page' do
it 'should 404' do
sign_in(Fabricate(:user))
get '/admin/upgrade'
expect(response.status).to eq(404)
expect(response.body).to eq(I18n.t('invalid_access'))
end
end
@ -26,7 +23,6 @@ RSpec.describe DockerManager::AdminController do
sign_in(Fabricate(:admin))
get '/admin/upgrade'
expect(response.status).to eq(200)
end
end
@ -36,11 +32,8 @@ RSpec.describe DockerManager::AdminController do
sign_in(Fabricate(:admin))
get '/admin/docker/repos'
expect(response.status).to eq(200)
body = JSON.parse(response.body)
expect(body["repos"].first["official"]).to eq(false)
end
end
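Review bot: The anonymous and non-admin examples only request `/admin/upgrade`, but after this change authorization is attached per route, so a missing `constraints:` on any other path would pass this suite unnoticed. One example that walks the engine's paths and expects 404 for an anonymous request covers them all. If the `expect(response.body).to eq(I18n.t('invalid_access'))` assertion in the non-admin example survives this hunk (the rendering dropped the markers, so I cannot tell), it likely no longer holds, because the 404 now comes from the router rather than from the controller's `render`.
```ruby
describe 'anonymous user' do
  it 'should be a 404 on every admin route' do
    %w[/admin/docker /admin/upgrade /admin/docker/repos /admin/docker/latest
       /admin/docker/progress /admin/docker/ps /admin/docker/runaway_cpu
       /admin/docker/runaway_mem /admin/docker/csrf].each do |path|
      get path
      expect(response.status).to eq(404)
    end
  end
end
```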