Use our `AdminConstraint` to simplify auth

2018-06-15 13:15:34 -04:00 · 2018-06-15 13:15:34 -04:00 · f75ece9a95
parent 6f0d0ae65f
commit f75ece9a95
4 changed files with 127 additions and 29 deletions
--- a/.rubocop.yml
+++ b/.rubocop.yml
@ -0,0 +1,113 @@
 AllCops:
  TargetRubyVersion: 2.4
  DisabledByDefault: true
  Exclude:
    - 'db/schema.rb'
    - 'bundle/**/*'
    - 'vendor/**/*'
    - 'node_modules/**/*'
    - 'public/**/*'
 # Prefer &&/|| over and/or.
 Style/AndOr:
  Enabled: true
 # Do not use braces for hash literals when they are the last argument of a
 # method call.
 Style/BracesAroundHashParameters:
  Enabled: true
 # Align `when` with `case`.
 Layout/CaseIndentation:
  Enabled: true
 # Align comments with method definitions.
 Layout/CommentIndentation:
  Enabled: true
 # No extra empty lines.
 Layout/EmptyLines:
  Enabled: true
 # Use Ruby >= 1.9 syntax for hashes. Prefer { a: :b } over { :a => :b }.
 Style/HashSyntax:
  Enabled: true
 # Two spaces, no tabs (for indentation).
 Layout/IndentationWidth:
  Enabled: true
 Layout/SpaceAfterColon:
  Enabled: true
 Layout/SpaceAfterComma:
  Enabled: true
 Layout/SpaceAroundEqualsInParameterDefault:
  Enabled: true
 Layout/SpaceAroundKeyword:
  Enabled: true
 Layout/SpaceAroundOperators:
  Enabled: true
 Layout/SpaceBeforeFirstArg:
    Enabled: true
 # Defining a method with parameters needs parentheses.
 Style/MethodDefParentheses:
  Enabled: true
 # Use `foo {}` not `foo{}`.
 Layout/SpaceBeforeBlockBraces:
  Enabled: true
 # Use `foo { bar }` not `foo {bar}`.
 Layout/SpaceInsideBlockBraces:
  Enabled: true
 # Use `{ a: 1 }` not `{a:1}`.
 Layout/SpaceInsideHashLiteralBraces:
  Enabled: true
 Layout/SpaceInsideParens:
  Enabled: true
 # Detect hard tabs, no hard tabs.
 Layout/Tab:
  Enabled: true
 # Blank lines should not have any spaces.
 Layout/TrailingBlankLines:
  Enabled: true
 # No trailing whitespace.
 Layout/TrailingWhitespace:
  Enabled: true
 Lint/Debugger:
  Enabled: true
 Layout/BlockAlignment:
  Enabled: true
 # Align `end` with the matching keyword or starting expression except for
 # assignments, where it should be aligned with the LHS.
 Layout/EndAlignment:
  Enabled: true
  EnforcedStyleAlignWith: variable
 # Use my_method(my_arg) not my_method( my_arg ) or my_method my_arg.
 Lint/RequireParentheses:
  Enabled: true
 Layout/MultilineMethodCallIndentation:
  Enabled: true
  EnforcedStyle: indented
 Layout/AlignHash:
  Enabled: true
 Bundler/OrderedGems:
  Enabled: false
--- a/app/controllers/docker_manager/application_controller.rb
+++ b/app/controllers/docker_manager/application_controller.rb
@ -4,7 +4,6 @@ module DockerManager
    include CurrentUser
    before_action :ensure_admin
    protect_from_forgery
    def handle_unverified_request
@ -13,12 +12,5 @@ module DockerManager
      render plain: "['BAD CSRF']", status: 403
    end
    protected
    def ensure_admin
      return redirect_to '/login' if !current_user
      return render(plain: I18n.t('invalid_access'), status: 404) if !current_user.admin?
    end
  end
 end
--- a/config/routes.rb
+++ b/config/routes.rb
@ -1,13 +1,13 @@
 DockerManager::Engine.routes.draw do
-  get "admin/docker", to: redirect("/admin/upgrade")
+  get "admin/docker", to: redirect("/admin/upgrade"), constraints: AdminConstraint.new
-  get "admin/upgrade" => "admin#index"
+  get "admin/upgrade" => "admin#index", constraints: AdminConstraint.new
-  get "admin/docker/repos" => "admin#repos"
+  get "admin/docker/repos" => "admin#repos", constraints: AdminConstraint.new
-  get "admin/docker/latest" => "admin#latest"
+  get "admin/docker/latest" => "admin#latest", constraints: AdminConstraint.new
-  get "admin/docker/progress" => "admin#progress"
+  get "admin/docker/progress" => "admin#progress", constraints: AdminConstraint.new
-  get "admin/docker/ps" => "admin#ps"
+  get "admin/docker/ps" => "admin#ps", constraints: AdminConstraint.new
-  post "admin/docker/upgrade" => "admin#upgrade"
+  post "admin/docker/upgrade" => "admin#upgrade", constraints: AdminConstraint.new
-  delete "admin/docker/upgrade" => "admin#reset_upgrade"
+  delete "admin/docker/upgrade" => "admin#reset_upgrade", constraints: AdminConstraint.new
-  get "admin/docker/runaway_cpu" => "admin#runaway_cpu"
+  get "admin/docker/runaway_cpu" => "admin#runaway_cpu", constraints: AdminConstraint.new
-  get "admin/docker/runaway_mem" => "admin#runaway_mem"
+  get "admin/docker/runaway_mem" => "admin#runaway_mem", constraints: AdminConstraint.new
-  get 'admin/docker/csrf' => 'admin#csrf'
+  get 'admin/docker/csrf' => 'admin#csrf', constraints: AdminConstraint.new
 end
--- a/spec/requests/admin_controller_spec.rb
+++ b/spec/requests/admin_controller_spec.rb
@ -2,22 +2,19 @@ require 'rails_helper'
 RSpec.describe DockerManager::AdminController do
  describe 'anonymous user' do
-    it 'should redirect to login page' do
+    it 'should be a 404' do
      get '/admin/upgrade'
-      expect(response.status).to eq(302)
+      expect(response.status).to eq(404)
      expect(response).to redirect_to('/login')
    end
  end
  describe 'when user is not an admin' do
-    it 'should redirect to login page' do
+    it 'should 404' do
      sign_in(Fabricate(:user))
      get '/admin/upgrade'
      expect(response.status).to eq(404)
      expect(response.body).to eq(I18n.t('invalid_access'))
    end
  end
@ -26,7 +23,6 @@ RSpec.describe DockerManager::AdminController do
      sign_in(Fabricate(:admin))
      get '/admin/upgrade'
      expect(response.status).to eq(200)
    end
  end
@ -36,11 +32,8 @@ RSpec.describe DockerManager::AdminController do
      sign_in(Fabricate(:admin))
      get '/admin/docker/repos'
      expect(response.status).to eq(200)
      body = JSON.parse(response.body)
      expect(body["repos"].first["official"]).to eq(false)
    end
  end