From 9c2d2b8c02e42c2be6d3326630a8bb84fa6db689 Mon Sep 17 00:00:00 2001
From: Eugene Burmakin
Date: Fri, 19 Jul 2024 20:57:14 +0200
Subject: [PATCH] Handle Sidekiq access for non-admin users

---
 config/routes.rb | 6 +++++
 spec/requests/sidekiq_spec.rb | 41 +++++++++++++++++++++++++++++++++++
 2 files changed, 47 insertions(+)
 create mode 100644 spec/requests/sidekiq_spec.rb

diff --git a/config/routes.rb b/config/routes.rb
index aacf72de..bfa0dd06 100644
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -9,6 +9,12 @@ Rails.application.routes.draw do
 mount Sidekiq::Web => '/sidekiq'
 end
 
+ # We want to return a nice error message if the user is not authorized to access Sidekiq
+ match '/sidekiq' => redirect { |_, request|
+ request.flash[:error] = 'You are not authorized to perform this action.'
+ '/'
+ }, via: :get
+
 resources :settings, only: :index
 namespace :settings do
 resources :background_jobs, only: %i[index create destroy]
diff --git a/spec/requests/sidekiq_spec.rb b/spec/requests/sidekiq_spec.rb
new file mode 100644
index 00000000..a8440e1a
--- /dev/null
+++ b/spec/requests/sidekiq_spec.rb
@@ -0,0 +1,41 @@
+# frozen_string_literal: true
+
+require 'rails_helper'
+
+RSpec.describe '/sidekiq', type: :request do
+ context 'when user is not authenticated' do
+ it 'redirects to sign in page' do
+ get sidekiq_url
+
+ expect(response).to redirect_to('/users/sign_in')
+ end
+ end
+
+ context 'when user is authenticated' do
+ context 'when user is not admin' do
+ before { sign_in create(:user) }
+
+ it 'redirects to root page' do
+ get sidekiq_url
+
+ expect(response).to redirect_to(root_url)
+ end
+
+ it 'shows flash message' do
+ get sidekiq_url
+
+ expect(flash[:error]).to eq('You are not authorized to perform this action.')
+ end
+ end
+
+ context 'when user is admin' do
+ before { sign_in create(:user, :admin) }
+
+ it 'renders a successful response' do
+ get sidekiq_url
+
+ expect(response).to be_successful
+ end
+ end
+ end
+end
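Review bot: The `redirect { ... }` on the new `match '/sidekiq'` line uses the route helper's default status 301, which browsers cache permanently, so a signed-in user who hits this fallback once and is later granted admin can keep being bounced to `/` by their own browser without the request ever reaching the server; use `redirect(status: 302) { |_, request|`. The fallback also matches only the exact `/sidekiq` path, so a non-admin following a saved link such as `/sidekiq/queues` still falls through to the routes below instead of getting the flash; `match '/sidekiq(/*path)' => redirect(status: 302) { |_, request|` would cover the sub-paths as well. Since the access decision itself is presumably made by whatever block wraps the `mount` (its `end` is the context line above the insertion; the opening is outside the hunk), the comment could make that explicit, e.g. `# Fallback for signed-in non-admins: access is denied by the constraint on the mount above; this only turns that miss into a friendly redirect.` The enclosing `Rails.application.routes.draw` block starts and ends outside the hunk.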
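Review bot: The non-admin examples only request the bare `sidekiq_url`, so the spec says nothing about what a non-admin gets for a Sidekiq sub-page such as `/sidekiq/queues`, which is where the fallback route's path scope actually matters; add an example with `get '/sidekiq/queues'` and `expect(response).to redirect_to(root_url)` (as the route is written, a sub-path likely falls through rather than redirects, so the example would document the gap). In the unauthenticated example, `redirect_to('/users/sign_in')` hard-codes the sign-in path where `new_user_session_path` would survive a route change, assuming Devise is what produces that redirect. The two non-admin examples issue the identical request; one example asserting both the redirect target and `flash[:error]` would halve the setup without losing coverage.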