Usar el sistema de autorización de Sutty

Y eliminar código sin utilizar.
f 2021-08-04 12:17:49 -03:00
parent 71ff9e5e7b
commit 71436d3be4
8 changed files with 15 additions and 47 deletions


@ -3,6 +3,7 @@
# Forma de ingreso a Sutty
class ApplicationController < ActionController::Base
include ExceptionHandler
include Pundit
protect_from_forgery with: :null_session, prepend: true
@ -10,6 +11,7 @@ class ApplicationController < ActionController::Base
before_action :configure_permitted_parameters, if: :devise_controller?
around_action :set_locale
rescue_from Pundit::NilPolicyError, with: :page_not_found
rescue_from ActionController::RoutingError, with: :page_not_found
rescue_from ActionController::ParameterMissing, with: :page_not_found
@ -33,7 +35,7 @@ class ApplicationController < ActionController::Base
def find_site
id = params[:site_id] || params[:id]
unless (site = current_usuarie.sites.find_by_name(id))
unless (site = current_usuarie&.sites&.find_by_name(id))
raise SiteNotFound
end
@ -66,10 +68,7 @@ class ApplicationController < ActionController::Base
# sitio pueden acceder al panel.
def require_usuarie
site = find_site
unless site.usuarie? current_usuarie
redirect_to root_path
return
end
authorize SiteBlazer.new(site)
# Necesario para los breadcrumbs.
ActionView::Base.include Loaf::ViewExtensions unless ActionView::Base.included_modules.include? Loaf::ViewExtensions
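Review bot: In `require_usuarie` the redirect to `root_path` is replaced by `authorize SiteBlazer.new(site)`, which raises `Pundit::NotAuthorizedError` on denial, but the `rescue_from` lines visible in this section cover only `Pundit::NilPolicyError`. Unless `ExceptionHandler` already handles that error (not visible here), a non-member would hit an unhandled exception instead of the previous redirect; consider adding `rescue_from Pundit::NotAuthorizedError, with: :page_not_found`. `authorize` without a query also derives the predicate from the current action name, and the policy shown on this page defines only `home?` and `show?`, so naming it explicitly, `authorize SiteBlazer.new(site), :home?`, would keep the check from depending on which action runs the filter. The body of `require_usuarie` continues outside the hunk.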


@ -2,9 +2,6 @@
# Controlador para artículos
class PostsController < ApplicationController
include Pundit
rescue_from Pundit::NilPolicyError, with: :page_not_found
before_action :authenticate_usuarie!
# TODO: Traer los comunes desde ApplicationController


@ -6,8 +6,6 @@ class PrivateController < ApplicationController
# XXX: Permite ejecutar JS
skip_forgery_protection
include Pundit
# Enviar el archivo si existe, agregar una / al final siempre para no
# romper las direcciones relativas.
def show


@ -2,9 +2,6 @@
# Controlador de sitios
class SitesController < ApplicationController
include Pundit
rescue_from Pundit::NilPolicyError, with: :page_not_found
before_action :authenticate_usuarie!
breadcrumb -> { current_usuarie.email }, :edit_usuarie_registration_path


@ -1,18 +0,0 @@
# frozen_string_literal: true
# Estadísticas del sitio
class StatsController < ApplicationController
include Pundit
before_action :authenticate_usuarie!
def index
@site = find_site
authorize SiteStat.new(@site)
# Solo queremos el promedio de tiempo de compilación, no de
# instalación de dependencias.
stats = @site.build_stats.jekyll
@build_avg = stats.average(:seconds).to_f.round(2)
@build_max = stats.maximum(:seconds).to_f.round(2)
end
end


@ -1,3 +1,3 @@
# frozen_string_literal: true
SiteStat = Struct.new(:site)
SiteBlazer = Struct.new(:site)


@ -0,0 +1,10 @@
# frozen_string_literal: true
# Les invitades no pueden ver las estadísticas (aun)
SiteBlazerPolicy = Struct.new(:usuarie, :site_blazer) do
def home?
site_blazer&.site&.usuarie? usuarie
end
alias_method :show?, :home?
end
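Review bot: `home?` guards `site_blazer` and `site` with safe navigation but passes `usuarie` straight to `usuarie?`, so the result for a request with no signed-in user depends on how `Site#usuarie?` treats nil, which is not visible here. A guard at the top of `home?`, `return false unless usuarie`, would make the deny-by-default explicit and return a real boolean rather than nil. The header comment says invitades are excluded, which holds only if `usuarie?` does not match invited roles; it would help to state that dependency, e.g. `# Access is limited to site usuaries; relies on Site#usuarie? to exclude invitades`.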


@ -1,15 +0,0 @@
# frozen_string_literal: true
# Política de acceso a las estadísticas
class SiteStatPolicy
attr_reader :site_stat, :usuarie
def initialize(usuarie, site_stat)
@usuarie = usuarie
@site_stat = site_stat
end
def index?
site_stat.site.usuarie? usuarie
end
end