From 46daca9aa70ee5a5df4879be8adae0ab2161f7a6 Mon Sep 17 00:00:00 2001
From: Adam Cooke
Date: Fri, 21 Apr 2017 10:18:24 +0100
Subject: [PATCH] only allow organizations to be managed by admins
---
 .../admin/organizations_controller.rb | 10 ---
 app/controllers/admin/stats_controller.rb | 10 ---
 app/controllers/organizations_controller.rb | 12 ++-
 app/views/admin/organizations/index.html.haml | 24 ------
 app/views/admin/stats/stats.html.haml | 21 -----
 app/views/layouts/application.html.haml | 6 +-
 app/views/organizations/index.html.haml | 19 +++--
 app/views/users/index.html.haml | 77 +++++++++++--------
 config/routes.rb | 6 --
 lib/postal/config.rb | 4 +
 10 files changed, 70 insertions(+), 119 deletions(-)
 delete mode 100644 app/controllers/admin/organizations_controller.rb
 delete mode 100644 app/controllers/admin/stats_controller.rb
 delete mode 100644 app/views/admin/organizations/index.html.haml
 delete mode 100644 app/views/admin/stats/stats.html.haml
diff --git a/app/controllers/admin/organizations_controller.rb b/app/controllers/admin/organizations_controller.rb
deleted file mode 100644
index 88e549a..0000000
--- a/app/controllers/admin/organizations_controller.rb
+++ /dev/null
@@ -1,10 +0,0 @@
-class Admin::OrganizationsController < ApplicationController
- before_action :admin_required
- before_action { params[:id] && @organization = Organization.find_by_permalink!(params[:id]) }
- def index
- @organizations = Organization.order(:created_at => :desc).includes(:owner).page(params[:page])
- end
- end
diff --git a/app/controllers/admin/stats_controller.rb b/app/controllers/admin/stats_controller.rb
deleted file mode 100644
index cdcb6b0..0000000
--- a/app/controllers/admin/stats_controller.rb
+++ /dev/null
@@ -1,10 +0,0 @@
-class Admin::StatsController < ApplicationController
- before_action :admin_required
- def stats
- @stats = Statistic.global
- @queue_size = QueuedMessage.unlocked.retriable.count
- end
- end
diff --git a/app/controllers/organizations_controller.rb b/app/controllers/organizations_controller.rb
index 1e12b5c..ada4e96 100644
--- a/app/controllers/organizations_controller.rb
+++ b/app/controllers/organizations_controller.rb
@@ -1,11 +1,16 @@
 class OrganizationsController < ApplicationController
+ before_action :admin_required, :only => [:new, :create]
 before_action :require_organization_admin, :only => [:edit, :update, :delete, :destroy]
 def index
- @organizations = current_user.organizations.present.order(:name).to_a
- if @organizations.size == 1 && params[:nrd].nil?
- redirect_to organization_root_path(@organizations.first)
+ if current_user.admin?
+ @organizations = Organization.present.order(:name).to_a
+ else
+ @organizations = current_user.organizations.present.order(:name).to_a
+ if @organizations.size == 1 && params[:nrd].nil?
+ redirect_to organization_root_path(@organizations.first)
+ end
 end
 end
@@ -17,7 +22,6 @@ class OrganizationsController < ApplicationController
 @organization = Organization.new(params.require(:organization).permit(:name, :permalink))
 @organization.owner = current_user
 if @organization.save
- @organization.users << current_user
 redirect_to_with_json organization_root_path(@organization)
 else
 render_form_errors 'new', @organization
diff --git a/app/views/admin/organizations/index.html.haml b/app/views/admin/organizations/index.html.haml
deleted file mode 100644
index 16cfba3..0000000
--- a/app/views/admin/organizations/index.html.haml
+++ /dev/null
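Review bot: In the admin branch of `index` (`@organizations = Organization.present.order(:name).to_a`) every present organization is loaded into memory with no pagination and no owner preloading, whereas the Admin::OrganizationsController index this commit deletes used `.includes(:owner).page(params[:page])`; on a large instance this becomes an unbounded query on every visit to the root page, and the organizations/index view in this diff does not paginate either. Keeping `.page(params[:page])` on the admin branch (with `paginate` in the view) would preserve the old behaviour. Separately, the commit title says organizations are managed by admins, yet `edit`, `update`, `delete` and `destroy` still sit behind `require_organization_admin`, so an organization-level admin can still delete one; if platform-admin-only management is the goal, extend the new filter to `before_action :admin_required, :only => [:new, :create, :delete, :destroy]`.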
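Review bot: With `@organization.users << current_user` gone from `create`, the creating admin is the `owner` but not a member, so `current_user.organizations` will not contain the organization they just made and the non-admin path of `index` would never list it for them. `require_organization_admin`, which still guards `edit`, `update`, `delete` and `destroy`, is defined outside this diff; if it checks membership rather than `current_user.admin?`, an admin can create an organization and then be refused from editing it, and the layout's `organization.admin?(current_user)` check would hide the settings links in the same way. A request spec that creates an organization as an admin and then loads `edit` on it would settle this either way. The `create` action starts before this hunk.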
@@ -1,24 +0,0 @@ -- page_title << "Admin" -- page_title << "Organizations" -.pageHeader - %h1.pageHeader__title - %span.pageHeader__titlePrevious Admin → - Organizations -.pageContent - %table.dataTable - %thead - %tr - %td{:width => "30%"} Name - %td{:width => "25%"} Owner - %td{:width => "5%"} Servers - %td{:width => "10%"} Status - %td{:width => "15%"} Created - %tbody - - for organization in @organizations - %tr - %td= link_to organization.name, organization_root_path(organization), :class => "u-link" - %td= organization.owner&.name || "No Owner" - %td= organization.servers.count - %td= organization.status - %td= organization.created_at.to_s(:long) - = paginate @organizations diff --git a/app/views/admin/stats/stats.html.haml b/app/views/admin/stats/stats.html.haml deleted file mode 100644 index 22f9f82..0000000 --- a/app/views/admin/stats/stats.html.haml +++ /dev/null @@ -1,21 +0,0 @@ -- page_title << "Admin" -- page_title << "Stats" - -.pageContent - .adminStats - %dl.adminStats__stat - %dt Total Messages - %dd= number_with_delimiter @stats.total_messages - - %dl.adminStats__stat - %dt Total Outgoing - %dd= number_with_delimiter @stats.total_outgoing - - - %dl.adminStats__stat - %dt Total Incoming - %dd= number_with_delimiter @stats.total_incoming - - %dl.adminStats__stat - %dt Current Queue Size - %dd= number_with_delimiter @queue_size diff --git a/app/views/layouts/application.html.haml b/app/views/layouts/application.html.haml index bc6ceb4..71113ff 100644 --- a/app/views/layouts/application.html.haml +++ b/app/views/layouts/application.html.haml 
@@ -33,13 +33,11 @@ - if organization.admin?(current_user) %li.siteHeader__subMenuItem= link_to "Organization Settings", organization_settings_path(organization), :class => 'siteHeader__subMenuLink' %li.siteHeader__subMenuItem= link_to "Manage Users", organization_users_path(organization), :class => 'siteHeader__subMenuLink' - - %li.siteHeader__subMenuItem.siteHeader__subMenuItem--div= link_to "Create new organization", :new_organization, :class => 'siteHeader__subMenuLink' + - if current_user.admin? + %li.siteHeader__subMenuItem= link_to "Create new organization", :new_organization, :class => 'siteHeader__subMenuLink' - if current_user.organizations.present.count > 1 %li.siteHeader__subMenuItem= link_to "Switch organization", root_path, :class => 'siteHeader__subMenuLink' %li.siteHeader__navItem.siteHeader__navItem--user= current_user.name - - if current_user.admin? - %li.siteHeader__navItem= link_to "Admin", admin_root_path, :class => 'sideHeader__navItemLink' %li.siteHeader__navItem= link_to "My Settings", settings_path, :class => 'sideHeader__navItemLink' %li.siteHeader__navItem= link_to "Logout", logout_path, :method => :delete, :class => 'sideHeader__navItemLink' diff --git a/app/views/organizations/index.html.haml b/app/views/organizations/index.html.haml index b3a6adc..6752612 100644 --- a/app/views/organizations/index.html.haml +++ b/app/views/organizations/index.html.haml 
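Review bot: The "Switch organization" item is still shown only when `current_user.organizations.present.count > 1`, but after this commit an admin's `index` lists every present organization regardless of membership (organizations_controller.rb hunk), so an admin who belongs to at most one organization gets no menu route back to `root_path` to reach the rest. Changing the condition to `- if current_user.admin? || current_user.organizations.present.count > 1` restores that, and short-circuiting on `admin?` also skips the COUNT query on every render for admins. The enclosing menu markup begins before this hunk.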
@@ -7,12 +7,16 @@ - if @organizations.empty? .noData.noData--panda.noData--clean - %p.noData__title This is unbearable! You don't have any organizations. - %p.noData__text - That's not on. You need an organization otherwise you can't do much here. Hit - the button below and you'll be up and running with 10,000 free e-mails before - you know it. - %p.noData__button= link_to "Create your first organization", :new_organization, :class => 'button button--positive' + %p.noData__title There are no organizations. + - if current_user.admin? + %p.noData__text + That's not on. You need an organization otherwise you can't do much here. Hit + the button below to create the first organization. + %p.noData__button= link_to "Create the first organization", :new_organization, :class => 'button button--positive' + - else + %p.noData__text + You don't have access to any organizations yet. Ask your administrator to invite + you to some organizations. - else %p.pageContent__intro.u-margin Organizations are entities which are able to deploy mail servers. @@ -25,4 +29,5 @@ = link_to organization_root_path(organization), :class => 'largeList__link' do = organization.name - %p.u-center= link_to "Start another organization", :new_organization, :class => 'button button--positive' + - if current_user.admin? + %p.u-center= link_to "Start another organization", :new_organization, :class => 'button button--positive' diff --git a/app/views/users/index.html.haml b/app/views/users/index.html.haml index 96ce9ba..f611f7d 100644 --- a/app/views/users/index.html.haml +++ b/app/views/users/index.html.haml 
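Review bot: The new shared title `%p.noData__title There are no organizations.` is wrong in the non-admin branch: that user cannot tell whether organizations exist, and the text directly below it says they simply have no access yet, so the two lines contradict each other. Move the title into each branch, keeping `There are no organizations.` for admins and using something like `%p.noData__title You don't have access to any organizations.` for everyone else.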
@@ -8,39 +8,50 @@ = render 'organizations/nav', :active_nav => :users .pageContent.pageContent--compact - %p.pageContent__intro.u-margin - You can share access to your organization with other people by adding them - here. They'll need to create their own account first and then you'll be able - to add them to your organization by entering their e-mail address. + - if @users.empty? && @pending_users.empty? + .noData.noData--penguin.noData--clean + %p.noData__title There are no users assigned to this organization. + %p.noData__text + You add additional users that will be permitted to access this organization. + They will be sent an email and they'll be able to create an account which will + allow them to login and access this organization. + %p.noData__button.buttonSet.buttonSet--center + = link_to "Invite the first user", [:new, organization, :user], :class => 'button button--positive' - %ul.userList.u-margin - - for user in @users - %li.userList__item - = image_tag user.user.avatar_url, :class => 'userList__avatar' - .userList__details - %p.userList__name - = user.user.name - - if user.user == organization.owner - %span.userList__owner.label Owner - - elsif user.admin? - %span.userList__admin.label Admin - %p.userList__email= user.user.email_address - %ul.userList__actions - - if organization.owner != user.user - %li= link_to "Edit permissions", [:edit, organization, user.user] - - if organization.owner == current_user - %li= link_to "Make owner", [:make_owner, organization, user.user], :method => :post, :data => {:confirm => "Are you sure you wish to make #{user.user.name} the owner of this organization? They will be granted full admin access. 
You won't be able to change this back.", :disable_with => "Promoting..."}, :remote => true - %li= link_to "Revoke access", [organization, user.user], :method => :delete, :data => {:confirm => "Are you sure you wish to revoke #{user.user.name}'s access to the organization?", :disable_with => "Deleting..."}, :remote => true, :class => 'userList__revoke' - - for user in @pending_users - %li.userList__item - = image_tag user.user.avatar_url, :class => 'userList__avatar' - .userList__details - %p.userList__name - = user.user.email_address - %span.userList__pending.label Pending - %ul.userList__actions - %li= link_to "Edit permissions", edit_organization_user_path(organization, user.user, :invite => 1) - %li= link_to "Cancel invitation", organization_user_path(organization, user.user, :invite => 1), :method => :delete, :data => {:confirm => "Are you sure you wish to cancel this invitation?", :disable_with => "Deleting..."}, :remote => true, :class => 'userList__revoke' + - else + %p.pageContent__intro.u-margin + You can share access to this organization with other people by adding them + here. They'll need to create their own account first and then you'll be able + to add them to your organization by entering their e-mail address. + + %ul.userList.u-margin + - for user in @users + %li.userList__item + = image_tag user.user.avatar_url, :class => 'userList__avatar' + .userList__details + %p.userList__name + = user.user.name + - if user.user == organization.owner + %span.userList__owner.label Owner + - elsif user.admin? + %span.userList__admin.label Admin + %p.userList__email= user.user.email_address + %ul.userList__actions + - if organization.owner != user.user + %li= link_to "Edit permissions", [:edit, organization, user.user] + - if organization.owner == current_user + %li= link_to "Make owner", [:make_owner, organization, user.user], :method => :post, :data => {:confirm => "Are you sure you wish to make #{user.user.name} the owner of this organization? 
They will be granted full admin access. You won't be able to change this back.", :disable_with => "Promoting..."}, :remote => true
+ %li= link_to "Revoke access", [organization, user.user], :method => :delete, :data => {:confirm => "Are you sure you wish to revoke #{user.user.name}'s access to the organization?", :disable_with => "Deleting..."}, :remote => true, :class => 'userList__revoke'
+ - for user in @pending_users
+ %li.userList__item
+ = image_tag user.user.avatar_url, :class => 'userList__avatar'
+ .userList__details
+ %p.userList__name
+ = user.user.email_address
+ %span.userList__pending.label Pending
+ %ul.userList__actions
+ %li= link_to "Edit permissions", edit_organization_user_path(organization, user.user, :invite => 1)
+ %li= link_to "Cancel invitation", organization_user_path(organization, user.user, :invite => 1), :method => :delete, :data => {:confirm => "Are you sure you wish to cancel this invitation?", :disable_with => "Deleting..."}, :remote => true, :class => 'userList__revoke'
- %p.u-center= link_to "Invite a new user", [:new, organization, :user], :class => 'button button--positive'
+ %p.u-center= link_to "Invite a new user", [:new, organization, :user], :class => 'button button--positive'
diff --git a/config/routes.rb b/config/routes.rb
index c30e693..dba4d45 100644
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -70,12 +70,6 @@ Rails.application.routes.draw do
 resources :organizations, :except => [:index]
- namespace :admin do
- resources :organizations
- get 'stats' => 'stats#stats'
- root :to => redirect("/admin/organizations")
- end
-
 get 'settings' => 'user#edit'
 patch 'settings' => 'user#update'
 post 'persist' => 'sessions#persist'
diff --git a/lib/postal/config.rb b/lib/postal/config.rb
index d95a3b2..b40e312 100644
--- a/lib/postal/config.rb
+++ b/lib/postal/config.rb
@@ -159,4 +159,8 @@ module Postal
 end
 end
+ def self.anonymous_signup?
+ config.general&.anonymous_signup != false
+ end
+
 end
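Review bot: The new empty-state copy says invited users "will be sent an email and they'll be able to create an account", while the intro paragraph kept under `- else` says they "need to create their own account first" before they can be added; the same view now describes the invitation flow two different ways, and only the controller (not in this diff) can say which is true. Pick the accurate one and use it in both places. `You add additional users that will be permitted to access this organization.` also reads as a fragment; `You can add additional users who will be permitted to access this organization.` is cleaner. Since the `- for user in @users` and `- for user in @pending_users` loops are re-added on the new side anyway, `- @users.each do |user|` and `- @pending_users.each do |user|` are the idiomatic form (`for` leaks the loop variable into the template scope).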
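Review bot: `anonymous_signup?` is true whenever `general.anonymous_signup` is absent or nil, because `nil != false` holds, so an instance that never set the key has anonymous account creation enabled by default; for a switch that decides who may register, failing closed with `config.general&.anonymous_signup == true` is the safer default. If opt-out is the intended contract, say so above the method, e.g. `# Anonymous signup is on unless general.anonymous_signup is explicitly set to false.` Nothing in this diff calls the new method, so what the commit relies on it for is not visible here.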