diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index 54d6aa0..95fd6e7 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -1,45 +1,54 @@ class ApplicationController < ActionController::Base # Prevent CSRF attacks by raising an exception. # For APIs, you may want to use :null_session instead. protect_from_forgery with: :exception attr_writer :breadcrumb helper_method :admin? def admin? - not params.key?(:user) + return false if params.key?('user') + return false if current_user.nil? + + @admin_count ||= begin + current_user + .groups + .where(name: WebDNS.settings[:admin_group]).count + end + + @admin_count != 0 end def admin_only! return if admin? redirect_to root_path, alert: 'Admin only area!' end private def group @group ||= group_scope.find(params[:group_id] || params[:id]) end def domain @domain ||= domain_scope.find(params[:domain_id] || params[:id]) end def record @record ||= record_scope.find(params[:record_id] || params[:id]) end def group_scope @group_scope ||= admin? ? Group.all : current_user.groups end def domain_scope @domain_scope ||= admin? ? Domain.all : Domain.where(group: group_scope) end def record_scope @record_scope ||= domain.records end end diff --git a/config/initializers/00_settings.rb b/config/initializers/00_settings.rb index 52838f4..84a278a 100644 --- a/config/initializers/00_settings.rb +++ b/config/initializers/00_settings.rb @@ -1,17 +1,18 @@ WebDNS = Base WebDNS.settings[:soa_defaults] = { primary_ns: 'ns.example.com', contact: 'domainmaster@example.com', serial: 1, refresh: 10_800, retry: 3600, expire: 604_800, nx: 3600 } WebDNS.settings[:serial_strategy] = Strategies::Date WebDNS.settings[:prohibit_records_types] = [] WebDNS.settings[:mail_from] = 'webdns@example.com' +WebDNS.settings[:admin_group] = 'admin'
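Review bot: The new `admin?` grants admin to anyone in a group whose `name` equals `WebDNS.settings[:admin_group]`, so whoever can create or rename groups can make themselves admin; nothing in this hunk shows that group names are restricted, so please confirm that in the group model/controller, or key the check on a group id or a dedicated boolean column rather than a mutable display name. If the setting is ever unset, `where(name: nil)` matches groups with a NULL name instead of matching nothing, so guard it before querying: `admin_name = WebDNS.settings[:admin_group]` followed by `return false if admin_name.blank?`. The count-and-compare could also be a single existence query, `current_user.groups.exists?(name: WebDNS.settings[:admin_group])`; if you memoize that boolean, use `defined?(@admin)` rather than `||=`, because `||=` re-runs the query on every call when the answer is `false` (the current `||=` on the integer count is safe only because `0` is truthy in Ruby, which deserves a one-line comment). `group_scope` and `domain_scope` below still call `current_user.groups` on the non-admin branch, so they rely on an authentication filter outside this hunk to ensure `current_user` is not nil.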
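Review bot: The added `admin_group` setting turns any pre-existing group named `admin` into the privileged group the moment this deploys, and nothing beside it says what the value controls. Add a comment above the line, `# Members of the group with this name pass ApplicationController#admin?; audit existing groups before changing it.`, so operators know the security impact of the setting and of renaming groups.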