Add Permissions Framework (#43)

* created user role column * authentication login test * Added in initial changes for authentication * Small changes to spelling and role declaration * Reverse permissions * Added reverse changes to other sections for readability * changed unless to if for the scope in users * deleted admin_user.rb files * Testing * Testing * Testing changes * Changing permissions for users * Edits * deleted admin_user.rb from models * Modified the New User page so admins can set roles when creating new users * Prevented users from being created with null role value * update schema file * removed extra roles column * rubocop style fixes * boolean changes in user.rb * revert users.rb change * now blocks access to team_switch requests, redirecting to back page * comments on teamswitch requests * Add dropdown to select user role when creating new user (#38) * Modified the New User page so admins can set roles when creating new users * Prevented users from being created with null role value * update schema file * removed extra roles column * rubocop style fixes * rubocop autocorrect * added roles to dancer_test * added id to dancers to force unique constraint * added usernames to users.yml to fix unique constraint * all dancers tests pass * Non-admin users can no longer access team switch request page and users page (#41) * style fixes * redirects to dashboard page when user tries to access team switch request * block viewing users for directors, can't change own password if director * Only Show Team Switch Requests/Users Buttons for Admin (#40) * changed unless to if * test - switched true/false for can view * migrations * only add to menu if user is admin * used guard clause and fixed circleci * hide user button for nonadmin * style fix avoiding guard clause * fixed unexpected end * indentation style fix * extra line rubocop fix * add question mark to users * slight syntax
afxdance · Dec 17, 2018 · 3aed549 · 3aed549
1 parent b3d9823
commit 3aed549
Show file tree

Hide file tree

Showing 30 changed files with 447 additions and 75 deletions.
diff --git a/.vscode/settings.json b/.vscode/settings.json
@@ -1,25 +1,25 @@
-{
-    "[html.erb]": {
-        "editor.detectIndentation": false,
-        "editor.insertSpaces": true,
-        "editor.tabSize": 2,
-    },
-    "[ruby]": {
-        "editor.detectIndentation": false,
-        "editor.insertSpaces": true,
-        "editor.tabSize": 2,
-    },
-
-    "editor.insertSpaces": true,
-    "editor.rulers": [100],
-    "editor.tabSize": 2,
-    "editor.wordWrap": "bounded",
-    "editor.wordWrapColumn": 100,
-    "files.insertFinalNewline": true,
-    "files.trimFinalNewlines": true,
-    "files.trimTrailingWhitespace": true,
-    "workbench.editor.closeOnFileDelete": false,
-
-    // https://code.visualstudio.com/docs/editor/integrated-terminal
-    "terminal.integrated.shell.windows": "C:\\Windows\\System32\\bash.exe",
-}
+{
+    "[html.erb]": {
+        "editor.detectIndentation": false,
+        "editor.insertSpaces": true,
+        "editor.tabSize": 2,
+    },
+    "[ruby]": {
+        "editor.detectIndentation": false,
+        "editor.insertSpaces": true,
+        "editor.tabSize": 2,
+    },
+
+    "editor.insertSpaces": true,
+    "editor.rulers": [100],
+    "editor.tabSize": 2,
+    "editor.wordWrap": "bounded",
+    "editor.wordWrapColumn": 100,
+    "files.insertFinalNewline": true,
+    "files.trimFinalNewlines": true,
+    "files.trimTrailingWhitespace": true,
+    "workbench.editor.closeOnFileDelete": false,
+
+    // https://code.visualstudio.com/docs/editor/integrated-terminal
+    "terminal.integrated.shell.windows": "C:\\Windows\\System32\\bash.exe",
+}
diff --git a/app/admin/team_switch_requests.rb b/app/admin/team_switch_requests.rb
@@ -12,6 +12,8 @@
   #   permitted
   # end
 
+  before_action :role_check
+
   permit_params do
     [
       :name,
@@ -57,6 +59,11 @@
   end
 
   controller do
+    # checks if user can view the team switch requests page
+    def role_check
+      redirect_to "/admin", alert: "You can't view the team switch requests page!!! >:( uwu" unless current_user.can_view_team_switch?
+    end
+
     def action_methods
       if current_user.can_modify_all_teams?
         super
@@ -147,7 +154,6 @@ def process_team_switch_request_into_team(team_switch_request_id, team_id)
     selectable_column
     # https://github.com/activeadmin/activeadmin/issues/1995#issuecomment-15846811
     TeamSwitchRequest.content_columns.each { |col| column col.name.to_sym }
-
     column :old_team
     column :new_team
     column :current_team do |team_switch_request|

diff --git a/app/admin/teams.rb b/app/admin/teams.rb
@@ -11,6 +11,7 @@
   #   permitted << :other if params[:action] == 'create' && current_user.admin?
   #   permitted
   # end
+  scope_to :current_user
 
   permit_params do
     [

diff --git a/app/admin/users.rb b/app/admin/users.rb
@@ -1,18 +1,28 @@
 ActiveAdmin.register User do
+  before_action :role_check
   permit_params(
     :username,
     :password,
     :password_confirmation,
+    :role,
     team_ids: [], # Necessary in order to properly link users and teams
   )
 
+  controller do
+    # checks if user can view the users page
+    def role_check
+      redirect_to "/admin", alert: "You can't view the users page!!! >:( uwu" unless current_user.can_view_users?
+    end
+  end
+
   index do
     selectable_column
     id_column
     column :username
     column :current_sign_in_at
     column :sign_in_count
     column :created_at
+    column :role
     column "Teams" do |user|
       user.teams.map do |team|
         link_to team.name, admin_team_path(team)
@@ -25,6 +35,7 @@
   filter :current_sign_in_at
   filter :sign_in_count
   filter :created_at
+  filter :role
 
   form do |f|
     f.inputs do
@@ -33,6 +44,7 @@
       f.input :password_confirmation
       # Creates the selection menu so the user can choose a team
       f.input :teams, collection: Team.all.map { |team| [team.name, team.id] }
+      f.input :role, as: :select, collection: User.roles.keys, include_blank: false, allow_blank: false
     end
     f.actions
   end

diff --git a/app/models/team_switch_request.rb b/app/models/team_switch_request.rb
@@ -1,5 +1,9 @@
 class TeamSwitchRequest < ApplicationRecord
   # https://blog.bigbinary.com/2016/02/15/rails-5-makes-belong-to-association-required-by-default.html
+  ActiveAdmin.register TeamSwitchRequest do
+    menu if: proc { current_user.admin? }
+  end
+
   belongs_to :dancer, optional: true
   has_and_belongs_to_many :available_teams, class_name: "Team", join_table: :team_switch_requests_available_teams
   belongs_to :old_team, class_name: "Team", optional: true

diff --git a/app/models/user.rb b/app/models/user.rb
@@ -1,5 +1,10 @@
 class User < ApplicationRecord
+  ActiveAdmin.register User do
+    menu if: proc { current_user.admin? }
+  end
+
   has_and_belongs_to_many :teams
+  enum role: [:director, :admin]
   # Include default devise modules. Others available are:
   # :confirmable, :lockable, :timeoutable and :omniauthable
   devise(
@@ -33,11 +38,11 @@ def board_privileges?
   end
 
   def can_modify_users?
-    true
+    board_privileges?
   end
 
   def can_create_dancer?
-    true
+    board_privileges?
   end
 
   def can_modify_next_dancer_id?
@@ -71,4 +76,20 @@ def accessible_dancer_fields
   def can_do_randomization?
     true
   end
+
+  def can_view_team_switch?
+    if admin?
+      true
+    else
+      false
+    end
+  end
+
+  def can_view_users?
+    if admin?
+      true
+    else
+      false
+    end
+  end
 end
diff --git a/cucumber-java/.idea/compiler.xml b/cucumber-java/.idea/compiler.xml
diff --git a/cucumber-java/.idea/encodings.xml b/cucumber-java/.idea/encodings.xml
diff --git a/cucumber-java/.idea/misc.xml b/cucumber-java/.idea/misc.xml
diff --git a/cucumber-java/.idea/vcs.xml b/cucumber-java/.idea/vcs.xml
diff --git a/cucumber-java/.idea/workspace.xml b/cucumber-java/.idea/workspace.xml