Restrict background jobs to self-hosted mode

Eugene Burmakin 2025-02-15 11:40:51 +01:00
parent 86fd2311f9
commit 74cfc9020e
2 changed files with 169 additions and 63 deletions


@ -1,6 +1,7 @@
# frozen_string_literal: true
class Settings::BackgroundJobsController < ApplicationController
before_action :authenticate_self_hosted!
before_action :authenticate_user!
before_action :authenticate_admin!, unless: lambda {
%w[start_immich_import start_photoprism_import].include?(params[:job_name])
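Review bot: The position of `before_action :authenticate_self_hosted!` ahead of `authenticate_user!` is load-bearing but undocumented: the accompanying spec expects even unauthenticated requests on a hosted instance to be redirected to root with the not-authorized notice, which only holds while this filter runs first. I would add a comment above it such as `# Must stay first: when not self-hosted, every request is turned away before authentication or the admin check runs.` Separately, the `unless:` lambda on `authenticate_admin!` keys on `params[:job_name]`, and its closing brace and any `only:` option fall outside this hunk; if it is not limited to `create`, a non-admin request to another action carrying one of those job names would skip the admin check, so that scoping is worth confirming. `authenticate_self_hosted!` itself is defined outside the visible lines, so whether it halts the filter chain cannot be checked from here.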


@ -8,6 +8,11 @@ RSpec.describe '/settings/background_jobs', type: :request do
.to_return(status: 200, body: '[{"name": "1.0.0"}]', headers: {})
end
context 'when Dawarich is in self-hosted mode' do
before do
allow(DawarichSettings).to receive(:self_hosted?).and_return(true)
end
context 'when user is not authenticated' do
it 'redirects to sign in page' do
get settings_background_jobs_url
@ -104,3 +109,103 @@ RSpec.describe '/settings/background_jobs', type: :request do
end
end
end
context 'when Dawarich is not in self-hosted mode' do
before do
allow(DawarichSettings).to receive(:self_hosted?).and_return(false)
end
context 'when user is not authenticated' do
it 'redirects to sign in page' do
get settings_background_jobs_url
expect(response).to redirect_to(root_url)
expect(flash[:notice]).to eq('You are not authorized to perform this action.')
end
end
context 'when user is authenticated' do
let(:user) { create(:user) }
before { sign_in user }
describe 'GET /index' do
it 'redirects to root page' do
get settings_background_jobs_url
expect(response).to redirect_to(root_url)
expect(flash[:notice]).to eq('You are not authorized to perform this action.')
end
context 'when user is an admin' do
before { sign_in create(:user, :admin) }
it 'redirects to root page' do
get settings_background_jobs_url
expect(response).to redirect_to(root_url)
expect(flash[:notice]).to eq('You are not authorized to perform this action.')
end
end
end
describe 'POST /create' do
it 'redirects to root page' do
post settings_background_jobs_url, params: { job_name: 'start_reverse_geocoding' }
expect(response).to redirect_to(root_url)
expect(flash[:notice]).to eq('You are not authorized to perform this action.')
end
context 'when job name is start_immich_import' do
it 'redirects to imports page' do
post settings_background_jobs_url, params: { job_name: 'start_immich_import' }
expect(response).to redirect_to(root_url)
expect(flash[:notice]).to eq('You are not authorized to perform this action.')
end
end
context 'when job name is start_photoprism_import' do
it 'redirects to imports page' do
post settings_background_jobs_url, params: { job_name: 'start_photoprism_import' }
expect(response).to redirect_to(root_url)
expect(flash[:notice]).to eq('You are not authorized to perform this action.')
end
end
context 'when user is an admin' do
before { sign_in create(:user, :admin) }
it 'redirects to root page' do
get settings_background_jobs_url
expect(response).to redirect_to(root_url)
expect(flash[:notice]).to eq('You are not authorized to perform this action.')
end
end
end
describe 'DELETE /destroy' do
it 'redirects to root page' do
delete settings_background_job_url('queue_name')
expect(response).to redirect_to(root_url)
expect(flash[:notice]).to eq('You are not authorized to perform this action.')
end
end
context 'when user is an admin' do
before { sign_in create(:user, :admin) }
it 'redirects to root page' do
get settings_background_jobs_url
expect(response).to redirect_to(root_url)
expect(flash[:notice]).to eq('You are not authorized to perform this action.')
end
end
end
end
end
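Review bot: The admin contexts added for the not-self-hosted case never exercise the state-changing actions: the one inside `describe 'POST /create'` and the one following `describe 'DELETE /destroy'` both issue `get settings_background_jobs_url`, which only repeats the GET /index admin example. To pin the restriction for admins, the first should call `post settings_background_jobs_url, params: { job_name: 'start_reverse_geocoding' }`, and the second should move inside the DELETE describe and call `delete settings_background_job_url('queue_name')`. Several example names also contradict their assertions: `'redirects to sign in page'` and both `'redirects to imports page'` examples expect `redirect_to(root_url)` and should read `'redirects to root page'`. The nesting described here is inferred from the `end` count, since indentation is lost on this page.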