diff --git a/app/controllers/i18n_controller.rb b/app/controllers/i18n_controller.rb index 72c3b9bf..a8a63fa8 100644 --- a/app/controllers/i18n_controller.rb +++ b/app/controllers/i18n_controller.rb @@ -1,13 +1,16 @@ class I18nController < ApplicationController + include Pundit before_action :authenticate! def index + authorize :i18n @site = find_site redirect_to site_i18n_edit_path(@site) end def edit + authorize :i18n @site = find_site @lang_from = params.fetch(:from, I18n.locale.to_s) @lang_to = params.fetch(:to, @lang_from) @@ -17,6 +20,7 @@ class I18nController < ApplicationController end def update + authorize :i18n @site = find_site @lang_to = params.require(:i18n).require(:lang_to) # No usamos params porque nos obliga a hacer una lista blanca de diff --git a/app/controllers/sites_controller.rb b/app/controllers/sites_controller.rb index 55e56432..100bf9ea 100644 --- a/app/controllers/sites_controller.rb +++ b/app/controllers/sites_controller.rb @@ -1,15 +1,18 @@ # Controlador de sitios class SitesController < ApplicationController + include Pundit before_action :authenticate! # Ver un listado de sitios def index + authorize Site @sites = current_user.sites end # No tenemos propiedades de un sitio aún, así que vamos al listado de # artículos def show + authorize Site site = find_site redirect_to site_posts_path(site) @@ -17,6 +20,7 @@ class SitesController < ApplicationController # Envía un archivo del directorio público de Jekyll def send_public_file + authorize Site @site = find_site file = [params[:basename], params[:format]].join('.') path = Pathname.new(File.join(@site.path, 'public', params[:type], file)) @@ -36,6 +40,7 @@ class SitesController < ApplicationController def enqueue @site = find_site + authorize @site @site.enqueue! redirect_to sites_path @@ -43,6 +48,7 @@ class SitesController < ApplicationController def build_log @site = find_site + authorize @site # TODO eliminar ANSI render file: @site.build_log, @@ -52,6 +58,7 @@ class SitesController < ApplicationController def reorder_posts @site = find_site + authorize @site lang = params.require(:posts).require(:lang) if params[:posts][:force].present? @@ -68,5 +75,4 @@ class SitesController < ApplicationController redirect_to site_posts_path @site end - end diff --git a/app/policies/i18n_policy.rb b/app/policies/i18n_policy.rb new file mode 100644 index 00000000..68b29499 --- /dev/null +++ b/app/policies/i18n_policy.rb @@ -0,0 +1,19 @@ +class I18nPolicy < SuttyPolicy + + def initialize(usuarix, i18n) + @usuarix = usuarix + end + + # Solo las usuarias + def index? + usuaria? + end + + def edit? + update? + end + + def update? + usuaria? + end +end diff --git a/app/policies/site_policy.rb b/app/policies/site_policy.rb new file mode 100644 index 00000000..9b65e33c --- /dev/null +++ b/app/policies/site_policy.rb @@ -0,0 +1,39 @@ +class SitePolicy < SuttyPolicy + attr_reader :usuarix, :site + + def initialize(usuarix, site) + @usuarix = usuarix + @site = site + end + + # Todxs lxs usuarixs pueden ver el índice + def index? + true + end + + # Todxs lxs usuarixs pueden ver el sitio + def show? + true + end + + # Solo las usuarias + def build? + usuaria? + end + + def send_public_file? + true + end + + def enqueue? + usuaria? + end + + def build_log? + usuaria? + end + + def reorder_posts? + usuaria? + end +end diff --git a/app/policies/sutty_policy.rb b/app/policies/sutty_policy.rb new file mode 100644 index 00000000..620dc2f3 --- /dev/null +++ b/app/policies/sutty_policy.rb @@ -0,0 +1,11 @@ +class SuttyPolicy + attr_reader :usuarix + + def invitadx? + usuarix.is_a? Invitadx + end + + def usuaria? + usuarix.is_a? Usuaria + end +end diff --git a/app/views/sites/index.haml b/app/views/sites/index.haml index 2a88315d..565406fd 100644 --- a/app/views/sites/index.haml +++ b/app/views/sites/index.haml @@ -16,36 +16,40 @@ %h2= link_to site.name, site_path(site) %br .btn-group{role: 'group', 'aria-label': t('sites.actions')} - = render 'layouts/btn_with_tooltip', - tooltip: t('help.sites.edit_posts'), - type: 'success', - link: site_path(site), - text: t('sites.posts') - = render 'layouts/btn_with_tooltip', - tooltip: t('help.sites.edit_translations'), - text: t('i18n.edit'), - type: 'info', - link: site_i18n_edit_path(site) - - if site.enqueued? + - if policy(site).show? = render 'layouts/btn_with_tooltip', - tooltip: t('help.sites.enqueued'), - text: t('sites.enqueued'), - type: 'secondary', - link: nil - - else - = form_tag site_enqueue_path(site), method: :post, class: 'form-inline' do - = button_tag type: 'submit', - class: 'btn btn-success', - title: t('help.sites.enqueue'), - data: { toggle: 'tooltip' } do - = fa_icon 'building' - = t('sites.enqueue') + tooltip: t('help.sites.edit_posts'), + type: 'success', + link: site_path(site), + text: t('sites.posts') + - if policy(:i18n).edit? + = render 'layouts/btn_with_tooltip', + tooltip: t('help.sites.edit_translations'), + text: t('i18n.edit'), + type: 'info', + link: site_i18n_edit_path(site) + - if policy(site).build? + - if site.enqueued? + = render 'layouts/btn_with_tooltip', + tooltip: t('help.sites.enqueued'), + text: t('sites.enqueued'), + type: 'secondary', + link: nil + - else + = form_tag site_enqueue_path(site), method: :post, class: 'form-inline' do + = button_tag type: 'submit', + class: 'btn btn-success', + title: t('help.sites.enqueue'), + data: { toggle: 'tooltip' } do + = fa_icon 'building' + = t('sites.enqueue') - - if site.failed? - %button.btn.btn-danger= t('sites.failed') - - if site.build_log? - = render 'layouts/btn_with_tooltip', - tooltip: t('help.sites.build_log'), - text: t('sites.build_log'), - type: 'warning', - link: site_build_log_path(site) + - if policy(site).build_log? + - if site.failed? + %button.btn.btn-danger= t('sites.failed') + - if site.build_log? + = render 'layouts/btn_with_tooltip', + tooltip: t('help.sites.build_log'), + text: t('sites.build_log'), + type: 'warning', + link: site_build_log_path(site)