Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Enforce login and moderator status to edit data #53

Merged
merged 1 commit into from
Feb 6, 2021
Merged

Enforce login and moderator status to edit data #53

merged 1 commit into from
Feb 6, 2021

Conversation

jfranciscosousa
Copy link
Contributor

@jfranciscosousa jfranciscosousa commented Jan 31, 2021
edited
Loading

To prevent people from messing up the existing data, only moderators should be able to edit data.

@jfranciscosousa jfranciscosousa temporarily deployed to bookclub-cooperativa-pr-53 January 31, 2021 15:35 Inactive
@jfranciscosousa jfranciscosousa temporarily deployed to bookclub-cooperativa-pr-53 January 31, 2021 20:23 Inactive
@jfranciscosousa jfranciscosousa temporarily deployed to bookclub-cooperativa-pr-53 January 31, 2021 20:25 Inactive
jpcorreia99
jpcorreia99 reviewed Feb 5, 2021
View reviewed changes
app/controllers/books_controller.rb
Comment on lines 2 to +3
before_action :require_login, only: %i[new create edit update destroy]
before_action :require_moderator, only: %i[new create edit update destroy]
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

isn't the require_login made redundant here since require_moderator also checks if the user is logged_in?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Require login ensures people are authenticated, redirecting them to login.
Require moderator just breaks a 401

We need both because we want the redirect part + the 401 part afterward.

@jpcorreia99
Copy link
Collaborator

There seems to be this stange bug where, when in the books tab, if I click on a user to see it's books, the page turns blank
image
image

@jfranciscosousa
Copy link
Contributor Author

@jpcorreia99 not gonna solve here on this PR, not part of the scope. I'll solve that later

jpcorreia99
jpcorreia99 approved these changes Feb 6, 2021
View reviewed changes
Copy link
Collaborator

@jpcorreia99 jpcorreia99 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

:shipit:

@jfranciscosousa jfranciscosousa merged commit 85570d0 into master Feb 6, 2021
@jfranciscosousa jfranciscosousa deleted the fs/add-auth branch February 6, 2021 18:07
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jpcorreia99 jpcorreia99 jpcorreia99 approved these changes

@DavideSilva DavideSilva Awaiting requested review from DavideSilva

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@jfranciscosousa @jpcorreia99