-
Notifications
You must be signed in to change notification settings - Fork 438
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
This UI is only available to users with the Staff or Admin roles. Upstream docs: https://github.com/jnunemaker/flipper/blob/4da0b9a596465310882c368fa5292dcbbde48399/docs/ui/README.md
- Loading branch information
Dany Marcoux
committed
Sep 27, 2021
1 parent
dd7a827
commit 62ccf0e
Showing
5 changed files
with
106 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,14 @@ | ||
| module RoutesHelper | ||
| class RoleMatcher | ||
| def self.matches?(request) | ||
| return false if request.bot? | ||
|
|
||
| return false unless WebuiControllerService::UserChecker.new(http_request: request, config: CONFIG).call | ||
|
|
||
| current_user_login = request.session[:login] | ||
| current_user = current_user_login.present? ? User.find_by_login(current_user_login) : User.possibly_nobody | ||
|
|
||
| current_user.is_admin? || current_user.is_staff? | ||
| end | ||
| end | ||
| end |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,79 @@ | ||
| require 'rails_helper' | ||
|
|
||
| RSpec.describe RoutesHelper::RoleMatcher do | ||
| describe '.matches?' do | ||
| subject { described_class.matches?(request) } | ||
|
|
||
| context 'when the request is from a bot' do | ||
| let(:request) { instance_double(ActionDispatch::Request, bot?: true) } | ||
|
|
||
| it { is_expected.to eq(false) } | ||
| end | ||
|
|
||
| context 'when the request is from a user with a disabled account' do | ||
| let(:request) { instance_double(ActionDispatch::Request, bot?: false) } | ||
| let(:user_checker) { instance_double(WebuiControllerService::UserChecker, call: false) } | ||
|
|
||
| before do | ||
| allow(WebuiControllerService::UserChecker).to receive(:new).and_return(user_checker) | ||
| end | ||
|
|
||
| it { is_expected.to eq(false) } | ||
| end | ||
|
|
||
| context 'when the request is from an anonymous user' do | ||
| let(:request) { instance_double(ActionDispatch::Request, bot?: false, session: session) } | ||
| let(:session) { instance_double(ActionDispatch::Request::Session) } | ||
| let(:user_checker) { instance_double(WebuiControllerService::UserChecker, call: true) } | ||
|
|
||
| before do | ||
| allow(WebuiControllerService::UserChecker).to receive(:new).and_return(user_checker) | ||
| allow(session).to receive(:[]).with(:login).and_return(nil) | ||
| end | ||
|
|
||
| it { is_expected.to eq(false) } | ||
| end | ||
|
|
||
| context 'when the request is from a user without any role' do | ||
| let(:request) { instance_double(ActionDispatch::Request, bot?: false, session: session) } | ||
| let(:session) { instance_double(ActionDispatch::Request::Session) } | ||
| let(:user_checker) { instance_double(WebuiControllerService::UserChecker, call: true) } | ||
| let(:user) { create(:confirmed_user) } | ||
|
|
||
| before do | ||
| allow(WebuiControllerService::UserChecker).to receive(:new).and_return(user_checker) | ||
| allow(session).to receive(:[]).with(:login).and_return(user.login) | ||
| end | ||
|
|
||
| it { is_expected.to eq(false) } | ||
| end | ||
|
|
||
| context 'when the request is from a staff user' do | ||
| let(:request) { instance_double(ActionDispatch::Request, bot?: false, session: session) } | ||
| let(:session) { instance_double(ActionDispatch::Request::Session) } | ||
| let(:user_checker) { instance_double(WebuiControllerService::UserChecker, call: true) } | ||
| let(:user) { create(:staff_user) } | ||
|
|
||
| before do | ||
| allow(WebuiControllerService::UserChecker).to receive(:new).and_return(user_checker) | ||
| allow(session).to receive(:[]).with(:login).and_return(user.login) | ||
| end | ||
|
|
||
| it { is_expected.to eq(true) } | ||
| end | ||
|
|
||
| context 'when the request is from an admin user' do | ||
| let(:request) { instance_double(ActionDispatch::Request, bot?: false, session: session) } | ||
| let(:session) { instance_double(ActionDispatch::Request::Session) } | ||
| let(:user_checker) { instance_double(WebuiControllerService::UserChecker, call: true) } | ||
| let(:user) { create(:admin_user) } | ||
|
|
||
| before do | ||
| allow(WebuiControllerService::UserChecker).to receive(:new).and_return(user_checker) | ||
| allow(session).to receive(:[]).with(:login).and_return(user.login) | ||
| end | ||
|
|
||
| it { is_expected.to eq(true) } | ||
| end | ||
| end | ||
| end |