Commit 14a2302f4c31e951f3b65d70edfb5d356a7d2c67

Authored by Victor Costa
1 parent f468e3c4

Add a option to enable whitelist in the environment

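--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -8,7 +8,7 @@ class ApplicationController < ActionController::Base
 before_filter :verify_members_whitelist, :if => :user
 
 def verify_members_whitelist
-render_access_denied unless user.is_admin? || environment.members_whitelist.blank? || environment.in_whitelist?(user)
+render_access_denied unless user.is_admin? || environment.in_whitelist?(user)
 end
 
 def allow_cross_domain_access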
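Review bot: The check on new line 11 of `verify_members_whitelist` now reads as deny-unless-listed, but the allow-everyone case is hidden inside `Environment#in_whitelist?`, which returns true for any person while the whitelist is disabled. Keeping the switch at the enforcement point makes the policy auditable in one place, for example `render_access_denied unless user.is_admin? || !environment.members_whitelist_enabled || environment.in_whitelist?(user)`, with `in_whitelist?` left as a plain membership test. Separately, the filter is registered with `:if => :user`, so it only constrains logged-in users; whether anonymous requests are blocked elsewhere is not visible here, and a comment above the filter should say which component is responsible for them.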
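--- a/app/models/environment.rb
+++ b/app/models/environment.rb
@@ -295,10 +295,11 @@ class Environment < ActiveRecord::Base
 settings_items :access_control_allow_origin, :type => Array, :default => []
 settings_items :access_control_allow_methods, :type => String
 
+settings_items :members_whitelist_enabled, :type => :boolean, :default => false
 settings_items :members_whitelist, :type => Array, :default => []
 
 def in_whitelist?(person)
-members_whitelist.include?(person.id)
+!members_whitelist_enabled || members_whitelist.include?(person.id)
 end
 
 def members_whitelist=(members)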
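Review bot: `members_whitelist_enabled` defaults to false and `in_whitelist?` short-circuits on it, so an environment that already has a populated `members_whitelist` stops enforcing it once this is deployed, until an admin ticks the new checkbox. No migration is visible in this commit; a data migration that sets `members_whitelist_enabled` to true wherever `members_whitelist` is non-empty would preserve the existing restriction. The opposite edge changed as well: an enabled but empty list now rejects every person passed to `in_whitelist?`, where the old controller check treated a blank list as open. Both cases deserve a comment on the method, e.g. `# true for everyone while the whitelist is disabled; an enabled but empty list matches nobody`. The class body continues outside the hunk.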
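--- a/app/views/features/index.rhtml
+++ b/app/views/features/index.rhtml
@@ -38,9 +38,15 @@ Check all the features you want to enable for your environment, uncheck all the
 <hr/>
 
 <h3><%= _('Members Whitelist') %></h3>
-<div class="info"><%= _('Allow these people to access this environment:') %></div>
-<% tokenized_members = prepare_to_token_input(environment.people.find(:all, :conditions => {:id => environment.members_whitelist})) %>
-<%= token_input_field_tag('environment[members_whitelist]', 'search-members', {:action => 'search_members'}, {:focus => false, :hint_text => _('Type in a search term for a user'), :pre_populate => tokenized_members}) %>
+<div class="option">
+<%= check_box :environment, :members_whitelist_enabled %>
+<label><%= _('Enable whitelist') %></label>
+</div>
+<div class="input">
+<div class="info"><%= _('Allow these people to access this environment:') %></div>
+<% tokenized_members = prepare_to_token_input(environment.people.find(:all, :conditions => {:id => environment.members_whitelist})) %>
+<%= token_input_field_tag('environment[members_whitelist]', 'search-members', {:action => 'search_members'}, {:focus => false, :hint_text => _('Type in a search term for a user'), :pre_populate => tokenized_members}) %>
+</div>
 <hr/>
 
 <div>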
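Review bot: The checkbox on new line 42 submits the strings "1" and "0", while every test in this commit assigns a Ruby boolean, so the form round-trip is untested. If the `:boolean` settings type does not cast "0" to false (its implementation is not visible here), `!members_whitelist_enabled` would stay false and the whitelist could not be switched off from this page. A functional test that posts `environment[members_whitelist_enabled]` as "0" and as "1" and then checks `in_whitelist?` would settle it. The `<label>` on new line 43 also has no `for` attribute, so it is not tied to the checkbox.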
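--- a/test/functional/application_controller_test.rb
+++ b/test/functional/application_controller_test.rb
@@ -581,10 +581,10 @@ class ApplicationControllerTest &lt; ActionController::TestCase
 assert_redirected_to :controller => 'account', :action => 'login'
 end
 
-should 'do allow member in whitelist to access an environment' do
+should 'do not allow member not included in whitelist to access an environment' do
 user = create_user
 e = Environment.default
-e.members_whitelist = '1'
+e.members_whitelist_enabled = true
 e.save!
 login_as(user.login)
 get :index
@@ -594,6 +594,7 @@ class ApplicationControllerTest &lt; ActionController::TestCase
 should 'allow member in whitelist to access an environment' do
 user = create_user
 e = Environment.default
+e.members_whitelist_enabled = true
 e.members_whitelist = "#{user.person.id}"
 e.save!
 login_as(user.login)
@@ -601,19 +602,19 @@ class ApplicationControllerTest &lt; ActionController::TestCase
 assert_response :success
 end
 
-should 'allow members to access an environment if whitelist is blank' do
+should 'allow members to access an environment if whitelist is disabled' do
 user = create_user
 e = Environment.default
-e.members_whitelist = ''
+e.members_whitelist_enabled = false
 e.save!
 login_as(user.login)
 get :index
 assert_response :success
 end
 
-should 'allow admin to access an environment' do
+should 'allow admin to access an environment if whitelist is enabled' do
 e = Environment.default
-e.members_whitelist = '1'
+e.members_whitelist_enabled = true
 e.save!
 login_as(create_admin_user(e))
 get :index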
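Review bot: The denial test in the first hunk (new line 584) dropped `e.members_whitelist = '1'`, so denial is now exercised only with an empty list, and a populated whitelist that omits the user is no longer covered. Keep a list entry that is certainly not the user's person id next to `e.members_whitelist_enabled = true`, and do the same in the admin test at new line 615. A further case is missing for an environment with a populated list and the flag left unset, which is presumably the state existing installations are in after upgrading. The assertions of the first and last tests lie outside the hunks, so what they check cannot be confirmed from this page.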