diff --git a/app/controllers/admin/users_controller.rb b/app/controllers/admin/users_controller.rb
index ddb7820..6037a40 100644
--- a/app/controllers/admin/users_controller.rb
+++ b/app/controllers/admin/users_controller.rb
@@ -1,44 +1,52 @@
 module Admin class UsersController < ApplicationController before_action :authenticate_user! before_action :admin_only! # GET /users def index @users = User.all end # GET /users/orphans def orphans @users = User.orphans end # DELETE /users/:id def destroy @user = User.find(params[:id]) @user.destroy redirect_to orphans_admin_users_path, notice: "#{@user.email} was deleted." end
+ def edit
+ @user = User.find(params[:id])
+ @user.toggle_admin
+ @user.save
+
+ redirect_to admin_users_path, notice: "#{@user.email} admin privileges were changed."
+ end
+
 def update additions = 0 params.each_pair { |k, group_id| next if !k.start_with?('orphan-') _, id = k.split('-', 2) user = User.orphans.find_by_id(id) next if !user group = Group.find_by_id(group_id) next if !group user.groups << group additions += 1 } redirect_to :back, notice: "#{additions} users were assigned to groups" end end end
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index 13df1b8..28bfe6d 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
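Review bot: The new `edit` action changes state (`@user.toggle_admin` then `@user.save`) on a GET request — the view in this same commit reaches it through `link_to "#{prefix} admin", edit_admin_user_path(u), data: { confirm: content }` with no `method:` — and the `protect_from_forgery with: :exception` visible in the application_controller.rb hunk does not verify GET, so the admin flag can be flipped by any cross-site page or link prefetcher that makes an admin's browser fetch that URL, with the JS-only `confirm` as the sole guard. Route the toggle through a non-GET verb, `method: :patch` on the link like the existing `Delete` link's `method: :delete`, and give the action a name other than `edit`, which conventionally renders a form; routes.rb is not part of this diff, so the route change has to accompany it. The return value of `@user.save` is also discarded, so a failed save still redirects with "admin privileges were changed"; use `if @user.save` and redirect with an `alert:` otherwise. The same GET issue applies to the index.html.erb hunk below.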
@@ -1,70 +1,64 @@
 class ApplicationController < ActionController::Base # Prevent CSRF attacks by raising an exception. # For APIs, you may want to use :null_session instead. protect_from_forgery with: :exception attr_writer :breadcrumb helper_method :admin? helper_method :dnssec? def admin? return false if params.key?('user') return false if current_user.nil?
- @admin_count ||= begin
- current_user
- .groups
- .where(name: WebDNS.settings[:admin_group]).count
- end
-
- @admin_count != 0
+ current_user.admin
 end def admin_only! return if admin? redirect_to root_path, alert: 'Admin only area!' end def dnssec? WebDNS.settings[:dnssec] end private def group @group ||= edit_group_scope.find(params[:group_id] || params[:id]) end def domain @domain ||= edit_domain_scope.find(params[:domain_id] || params[:id]) end def record @record ||= record_scope.find(params[:record_id] || params[:id] || params[:pk]) end def show_group_scope @show_group_scope ||= current_user.groups end def edit_group_scope @edit_group_scope ||= admin? ? Group.all : show_group_scope end def show_domain_scope @show_domain_scope ||= Domain.where(group: show_group_scope) end def edit_domain_scope @edit_domain_scope ||= admin? ? Domain.all : Domain.where(group: show_group_scope) end def record_scope @record_scope ||= domain.records end def notification Notification.instance if WebDNS.settings[:notifications] end end
diff --git a/app/models/user.rb b/app/models/user.rb
index 13df1b8..28bfe6d 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
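Review bot: `admin?` now returns `current_user.admin` directly, and the migration in this commit adds that column without `default:` or `null: false`, so for any user created after the backfill the predicate returns `nil` instead of `false`. That is still falsy for `admin_only!`, but a `helper_method` predicate should yield a strict boolean; `current_user.admin?`, the attribute query method ActiveRecord defines for the column, returns `false` for `nil`. The line also deserves a comment, since the removed lines derived admin status from `WebDNS.settings[:admin_group]` membership on every request and nothing in this diff updates the stored flag when group membership changes after the one-time backfill, e.g. `# Stored flag, set by the AddAdminToUsers backfill and the admin toggle; no longer tied to group membership.`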
@@ -1,48 +1,52 @@
 class User < ActiveRecord::Base devise :database_authenticatable, :registerable, :recoverable, :rememberable, :trackable, :validatable has_many :memberships has_many :groups, through: :memberships has_many :subscriptions, dependent: :delete_all scope :orphans, -> { includes(:memberships).where(:memberships => { user_id: nil }) } # Check if the user can change his password # # Remote users are not able to change their password def can_change_password? !identifier? end
+ def toggle_admin
+ self.admin = !self.admin
+ end
+
 def to_api Hash[ :id, id, :email, email ].with_indifferent_access end def self.find_for_database_authentication(conditions) # Override devise method for database auth # We only want to auth local user via the database. find_first_by_auth_conditions(conditions, identifier: '') end def mute_all_domains ActiveRecord::Base.transaction do domain_ids = Domain.where(group: groups).pluck(:id) domain_ids.each { |did| sub = self.subscriptions.create(domain_id: did) if !sub.valid? # Allow only domain_id (uniqueness) errors raise x.errors.full_messages.join(', ') if sub.errors.size > 1 raise x.errors.full_messages.join(', ') if !sub.errors[:domain_id] end } end end end
diff --git a/app/views/admin/users/index.html.erb b/app/views/admin/users/index.html.erb
index 60156a0..c60b1de 100644
--- a/app/views/admin/users/index.html.erb
+++ b/app/views/admin/users/index.html.erb
@@ -1,23 +1,32 @@
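Review bot: `toggle_admin` reimplements `ActiveRecord::Base#toggle`: `toggle(:admin)` performs the same in-memory flip and `toggle!(:admin)` also persists it, which the controller in this commit currently does separately with `@user.save`. If the method is kept, the receiver on the read side is redundant (`self.admin = !admin`) and it needs a comment stating that it does not save, e.g. `# Flip the admin flag in memory only; the caller must persist it.` Because the migration adds the column nullable, `!self.admin` maps an unset `nil` to `true`, which matches the intent here but is worth stating. Unrelated to this change but visible in the hunk: the two `raise x.errors.full_messages.join(', ')` lines in `mute_all_domains` reference an undefined `x` and presumably mean `sub`.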
<%= bootstrap_form_tag(url: update_groups_admin_users_path, method: 'PUT', layout: :horizontal, label_col: 'col-sm-2', control_col: 'col-sm-4') do |f| %> + <% @users.each do |u| %> + <% if u.admin %> + <% content = "Are you sure you want to remove admin priviledges from #{u.email}?" %> + <% prefix = "Remove" %> + <% else %> + <% content = "Are you sure you want to make #{u.email} an admin?" %> + <% prefix = "Make" %> + <% end %> + <% end %>
Username Groups ControlsAdmin
<%= u.email %> <%= f.collection_select "orphan-#{u.id}", Group.all, :id, :name, hide_label: true, prompt: 'Group' %> <%= link_to 'Delete', admin_user_path(u), method: :delete, data: { confirm: "Are sure you want to delete #{u.email}?"} %><%= link_to "#{prefix} admin", edit_admin_user_path(u), data: { confirm: content} %>
<%= f.submit 'Apply', class: 'btn btn-primary' %> <% end %>
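Review bot: The confirm text for the `u.admin` branch misspells a user-facing word in `"Are you sure you want to remove admin priviledges from #{u.email}?"`; it should read `privileges`. The `if`/`else` that computes `content` and `prefix` is presentation logic better placed in a view helper returning the label prefix and confirm text for a user, so the template stays declarative. The new `link_to "#{prefix} admin", edit_admin_user_path(u), data: { confirm: content }` also lacks a `method:`, unlike the adjacent `Delete` link's `method: :delete`; the users_controller.rb note covers why that matters. Markup tags appear stripped in this rendering, so where the added `Admin` header and cell sit in the table cannot be checked here.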
diff --git a/db/migrate/20180726141603_add_admin_to_users.rb b/db/migrate/20180726141603_add_admin_to_users.rb
new file mode 100644
index 0000000..8cc65cc
--- /dev/null
+++ b/db/migrate/20180726141603_add_admin_to_users.rb
@@ -0,0 +1,9 @@
+class AddAdminToUsers < ActiveRecord::Migration
+ def change
+ add_column :users, :admin, :boolean
+ User.find_each do |u|
+ u.admin = u.groups.where(name: WebDNS.settings[:admin_group]).exists?
+ u.save
+ end
+ end
+end
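Review bot: `u.admin = ...` inside `User.find_each` can raise `NoMethodError` when the `User` model's column cache was populated before `add_column` ran in this same migration; call `User.reset_column_information` right after the `add_column`. `add_column :users, :admin, :boolean` also sets no `default: false, null: false`, so every user created afterwards carries `nil`, and the result of `u.save` is discarded, so a user that fails Devise validation silently keeps `nil` while the migration reports success. Writing the flag with `update_column` skips validations, which is appropriate for a data backfill, and because the loop is not a reversible schema command, explicit `up`/`down` is clearer than `change`. Using the application `User` model inside a migration also couples it to the model's future shape; that is left as-is below because the `groups` association is what the backfill needs.

```ruby
class AddAdminToUsers < ActiveRecord::Migration
  def up
    add_column :users, :admin, :boolean, default: false, null: false
    # The model may have cached its columns before the column existed.
    User.reset_column_information
    User.find_each do |u|
      is_admin = u.groups.where(name: WebDNS.settings[:admin_group]).exists?
      u.update_column(:admin, is_admin) # data backfill: bypass validations
    end
  end

  def down
    remove_column :users, :admin
  end
end
```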