Restrict access to Sidekiq in non self-hosted mode

Eugene Burmakin 2025-02-15 11:50:56 +01:00
parent 9e34d30383
commit 7dfec304e4
2 changed files with 55 additions and 23 deletions


@ -6,7 +6,7 @@ Rails.application.routes.draw do
mount ActionCable.server => '/cable'
mount Rswag::Api::Engine => '/api-docs'
mount Rswag::Ui::Engine => '/api-docs'
authenticate :user, ->(u) { u.admin? } do
authenticate :user, ->(u) { u.admin? && DawarichSettings.self_hosted? } do
mount Sidekiq::Web => '/sidekiq'
end
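Review bot: The new constraint leaves the intent of the second condition undocumented, and a reader of the routes file cannot tell from the line alone that the check is evaluated per request rather than once at draw time; a one-line comment above the `authenticate` call would carry that, e.g. `# Sidekiq UI is reachable only by admins of self-hosted instances; the lambda runs on each request, so the gate follows the current DawarichSettings value`. Because `Sidekiq::Web` stays mounted and only the Devise constraint rejects non-self-hosted requests, the failure path for a cloud-mode admin is the same as for a non-admin user; the spec's expected redirect to `root_url` with an authorization flash presumably comes from a handler outside this hunk, which is worth confirming so that a constraint miss does not surface as a bare routing error. The enclosing `Rails.application.routes.draw` block starts before this hunk.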


@ -3,39 +3,71 @@
require 'rails_helper'
RSpec.describe '/sidekiq', type: :request do
context 'when user is not authenticated' do
it 'redirects to sign in page' do
get sidekiq_url
context 'when Dawarich is in self-hosted mode' do
before do
allow(DawarichSettings).to receive(:self_hosted?).and_return(true)
end
expect(response).to redirect_to('/users/sign_in')
context 'when user is not authenticated' do
it 'redirects to sign in page' do
get sidekiq_url
expect(response).to redirect_to('/users/sign_in')
end
end
context 'when user is authenticated' do
context 'when user is not admin' do
before { sign_in create(:user) }
it 'redirects to root page' do
get sidekiq_url
expect(response).to redirect_to(root_url)
end
it 'shows flash message' do
get sidekiq_url
expect(flash[:error]).to eq('You are not authorized to perform this action.')
end
end
context 'when user is admin' do
before { sign_in create(:user, :admin) }
it 'renders a successful response' do
get sidekiq_url
expect(response).to be_successful
end
end
end
end
context 'when user is authenticated' do
context 'when user is not admin' do
before { sign_in create(:user) }
context 'when Dawarich is not in self-hosted mode' do
before do
allow(DawarichSettings).to receive(:self_hosted?).and_return(false)
Rails.application.reload_routes!
end
context 'when user is not authenticated' do
it 'redirects to sign in page' do
get sidekiq_url
expect(response).to redirect_to('/users/sign_in')
end
end
context 'when user is authenticated' do
before { sign_in create(:user, :admin) }
it 'redirects to root page' do
get sidekiq_url
expect(response).to redirect_to(root_url)
end
it 'shows flash message' do
get sidekiq_url
expect(flash[:error]).to eq('You are not authorized to perform this action.')
end
end
context 'when user is admin' do
before { sign_in create(:user, :admin) }
it 'renders a successful response' do
get sidekiq_url
expect(response).to be_successful
end
end
end
end
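Review bot: `Rails.application.reload_routes!` in the non-self-hosted `before` block (after the `allow(DawarichSettings)` stub) looks unnecessary and is not undone afterwards, since the routes constraint reads `DawarichSettings.self_hosted?` inside a request-time lambda rather than at draw time; reloading routes in one example group can also leak its effect into later examples. Unless some other part of `config/routes.rb` reads the setting when routes are drawn, drop that line, `allow(DawarichSettings).to receive(:self_hosted?).and_return(false)` alone exercises the new gate. The non-self-hosted branch also only signs in an admin under the context named "when user is authenticated"; renaming it to "when user is admin" would make explicit that even admins are rejected in that mode, which is the behaviour the commit introduces.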