From b1f7b98c11ddc685ebfe66cc1d05b39e9999f4e7 Mon Sep 17 00:00:00 2001 From: Eugene Burmakin Date: Tue, 16 Jul 2024 22:26:16 +0200 Subject: [PATCH] Add admin flag to users --- app/controllers/application_controller.rb | 4 ++-- .../settings/background_jobs_controller.rb | 2 +- app/controllers/settings/users_controller.rb | 5 +++-- config/routes.rb | 4 +++- db/data/20240713103122_make_first_user_admin.rb | 13 +++++++++++++ db/migrate/20240713103051_add_admin_to_users.rb | 7 +++++++ db/schema.rb | 3 ++- spec/models/user_spec.rb | 5 ++--- 8 files changed, 33 insertions(+), 10 deletions(-) create mode 100644 db/data/20240713103122_make_first_user_admin.rb create mode 100644 db/migrate/20240713103051_add_admin_to_users.rb diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index 0140a936..04950a57 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -13,8 +13,8 @@ class ApplicationController < ActionController::Base @unread_notifications ||= Notification.where(user: current_user).unread end - def authenticate_first_user! - return if current_user == User.first + def authenticate_admin! + return if current_user.admin? redirect_to root_path, notice: 'You are not authorized to perform this action.', status: :unauthorized end diff --git a/app/controllers/settings/background_jobs_controller.rb b/app/controllers/settings/background_jobs_controller.rb index 6ebc3b94..1a9717e1 100644 --- a/app/controllers/settings/background_jobs_controller.rb +++ b/app/controllers/settings/background_jobs_controller.rb @@ -2,7 +2,7 @@ class Settings::BackgroundJobsController < ApplicationController before_action :authenticate_user! - before_action :authenticate_first_user! + before_action :authenticate_admin! def index @queues = Sidekiq::Queue.all diff --git a/app/controllers/settings/users_controller.rb b/app/controllers/settings/users_controller.rb index a05cbe90..5cfe5a71 100644 
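Review bot: In app/controllers/application_controller.rb, `authenticate_admin!` calls `current_user.admin?` with no nil guard, so it raises NoMethodError on an unauthenticated request if a controller ever registers it without `authenticate_user!` first. Both controllers touched by this commit do run `authenticate_user!` beforehand, but the helper lives in the base controller; `return if current_user&.admin?` would make it deny access on its own. The unchanged `redirect_to root_path, ..., status: :unauthorized` line below also deserves a look, because 401 is not a redirect status and browsers will likely not follow the Location header.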
--- a/app/controllers/settings/users_controller.rb +++ b/app/controllers/settings/users_controller.rb @@ -2,7 +2,7 @@ class Settings::UsersController < ApplicationController before_action :authenticate_user! - before_action :authenticate_first_user! + before_action :authenticate_admin! def create @user = User.new( @@ -12,7 +12,8 @@ class Settings::UsersController < ApplicationController ) if @user.save - redirect_to settings_url, notice: "User was successfully created, email is #{@user.email}, password is \"password\"." + redirect_to settings_url, + notice: "User was successfully created, email is #{@user.email}, password is \"password\"." else redirect_to settings_url, notice: 'User could not be created.', status: :unprocessable_entity end diff --git a/config/routes.rb b/config/routes.rb index 64500399..aacf72de 100644 --- a/config/routes.rb +++ b/config/routes.rb @@ -5,7 +5,9 @@ require 'sidekiq/web' Rails.application.routes.draw do mount Rswag::Api::Engine => '/api-docs' mount Rswag::Ui::Engine => '/api-docs' - mount Sidekiq::Web => '/sidekiq' + authenticate :user, ->(u) { u.admin? } do + mount Sidekiq::Web => '/sidekiq' + end resources :settings, only: :index namespace :settings do diff --git a/db/data/20240713103122_make_first_user_admin.rb b/db/data/20240713103122_make_first_user_admin.rb new file mode 100644 index 00000000..a039b676 --- /dev/null +++ b/db/data/20240713103122_make_first_user_admin.rb @@ -0,0 +1,13 @@ +# frozen_string_literal: true + +class MakeFirstUserAdmin < ActiveRecord::Migration[7.1] + def up + user = User.first + user.update!(admin: true) + end + + def down + user = User.first + user.update!(admin: false) + end +end diff --git a/db/migrate/20240713103051_add_admin_to_users.rb b/db/migrate/20240713103051_add_admin_to_users.rb new file mode 100644 index 00000000..784b3a27 --- /dev/null +++ b/db/migrate/20240713103051_add_admin_to_users.rb 
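Review bot: In app/controllers/settings/users_controller.rb, the re-wrapped notice still reports the new account's password as the literal `password`, which suggests every account created here starts with the same known credential. The `User.new(...)` arguments fall outside the hunk, so this is inferred from the message text only. If that is the case, assign a per-user random value (for example `SecureRandom.hex(16)`, shown once) or send a set-password e-mail, and require a change on first sign-in.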
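Review bot: In config/routes.rb, the new `authenticate :user, ->(u) { u.admin? }` block around `mount Sidekiq::Web` has no test in this commit; the diffstat lists only spec/models/user_spec.rb under spec/. A request spec asserting that an anonymous visitor and a signed-in non-admin are both refused `/sidekiq`, and that an admin is admitted, would keep the gate from regressing. The two Rswag mounts above it stay outside the block, so confirm that leaving `/api-docs` open to everyone is intended.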
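Review bot: In db/data/20240713103122_make_first_user_admin.rb, `User.first` returns nil on a database with no users, so `user.update!(admin: true)` raises and the data migration fails on a fresh install; `down` has the same problem. `User.first&.update!(admin: true)`, with the matching change in `down`, avoids the crash. An instance that runs this with no users ends up with no admin at all, and nothing in this commit grants the flag later, so document how the first admin is created in that case. `down` also clears the flag on whichever account is first at rollback time, which may not be the one `up` promoted.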
@@ -0,0 +1,7 @@ +# frozen_string_literal: true + +class AddAdminToUsers < ActiveRecord::Migration[7.1] + def change + add_column :users, :admin, :boolean, default: false + end +end diff --git a/db/schema.rb b/db/schema.rb index 19c7f624..66438cd1 100644 --- a/db/schema.rb +++ b/db/schema.rb @@ -10,7 +10,7 @@ # # It's strongly recommended that you check this file into your version control system. -ActiveRecord::Schema[7.1].define(version: 2024_07_12_141303) do +ActiveRecord::Schema[7.1].define(version: 2024_07_13_103051) do # These are extensions that must be enabled in order to support this database enable_extension "plpgsql" @@ -150,6 +150,7 @@ ActiveRecord::Schema[7.1].define(version: 2024_07_12_141303) do t.string "api_key", default: "", null: false t.string "theme", default: "dark", null: false t.jsonb "settings", default: {"fog_of_war_meters"=>"200", "meters_between_routes"=>"1000", "minutes_between_routes"=>"60"} + t.boolean "admin", default: false t.index ["email"], name: "index_users_on_email", unique: true t.index ["reset_password_token"], name: "index_users_on_reset_password_token", unique: true end diff --git a/spec/models/user_spec.rb b/spec/models/user_spec.rb index f69f0654..d0cd4e69 100644 --- a/spec/models/user_spec.rb +++ b/spec/models/user_spec.rb @@ -91,11 +91,10 @@ RSpec.describe User, type: :model do describe '#total_reverse_geocoded' do subject { user.total_reverse_geocoded } - let(:import) { create(:import, user:) } let!(:reverse_geocoded_point) do - create(:point, country: 'Country', city: 'City', geodata: { some: 'data' }, import:) + create(:point, country: 'Country', city: 'City', geodata: { some: 'data' }, user:) end - let!(:not_reverse_geocoded_point) { create(:point, country: 'Country', city: 'City', import:) } + let!(:not_reverse_geocoded_point) { create(:point, country: 'Country', city: 'City', user:) } it 'returns number of reverse geocoded points' do expect(subject).to eq(1)
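Review bot: In db/migrate/20240713103051_add_admin_to_users.rb, the `admin` column is added with `default: false` but stays nullable, so an authorization flag can hold three states. `admin?` treats NULL as false, so the checks in this commit still deny access, but queries such as `where(admin: false)` would skip NULL rows. Declaring it as `add_column :users, :admin, :boolean, default: false, null: false` removes the ambiguity; db/schema.rb would then need regenerating.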