مراية لـ
https://github.com/postalserver/postal.git
تم المزامنة 2025-11-30 21:32:30 +00:00
only allow organizations to be managed by admins
هذا الالتزام موجود في:
Adam Cooke
@@ -1,10 +0,0 @@
|
||||
class Admin::OrganizationsController < ApplicationController
|
||||
|
||||
before_action :admin_required
|
||||
before_action { params[:id] && @organization = Organization.find_by_permalink!(params[:id]) }
|
||||
|
||||
def index
|
||||
@organizations = Organization.order(:created_at => :desc).includes(:owner).page(params[:page])
|
||||
end
|
||||
|
||||
end
|
||||
@@ -1,10 +0,0 @@
|
||||
class Admin::StatsController < ApplicationController
|
||||
|
||||
before_action :admin_required
|
||||
|
||||
def stats
|
||||
@stats = Statistic.global
|
||||
@queue_size = QueuedMessage.unlocked.retriable.count
|
||||
end
|
||||
|
||||
end
|
||||
@@ -1,11 +1,16 @@
|
||||
class OrganizationsController < ApplicationController
|
||||
|
||||
before_action :admin_required, :only => [:new, :create]
|
||||
before_action :require_organization_admin, :only => [:edit, :update, :delete, :destroy]
|
||||
|
||||
def index
|
||||
@organizations = current_user.organizations.present.order(:name).to_a
|
||||
if @organizations.size == 1 && params[:nrd].nil?
|
||||
redirect_to organization_root_path(@organizations.first)
|
||||
if current_user.admin?
|
||||
@organizations = Organization.present.order(:name).to_a
|
||||
else
|
||||
@organizations = current_user.organizations.present.order(:name).to_a
|
||||
if @organizations.size == 1 && params[:nrd].nil?
|
||||
redirect_to organization_root_path(@organizations.first)
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
@@ -17,7 +22,6 @@ class OrganizationsController < ApplicationController
|
||||
@organization = Organization.new(params.require(:organization).permit(:name, :permalink))
|
||||
@organization.owner = current_user
|
||||
if @organization.save
|
||||
@organization.users << current_user
|
||||
redirect_to_with_json organization_root_path(@organization)
|
||||
else
|
||||
render_form_errors 'new', @organization
|
||||
|
||||
@@ -1,24 +0,0 @@
|
||||
- page_title << "Admin"
|
||||
- page_title << "Organizations"
|
||||
.pageHeader
|
||||
%h1.pageHeader__title
|
||||
%span.pageHeader__titlePrevious Admin →
|
||||
Organizations
|
||||
.pageContent
|
||||
%table.dataTable
|
||||
%thead
|
||||
%tr
|
||||
%td{:width => "30%"} Name
|
||||
%td{:width => "25%"} Owner
|
||||
%td{:width => "5%"} Servers
|
||||
%td{:width => "10%"} Status
|
||||
%td{:width => "15%"} Created
|
||||
%tbody
|
||||
- for organization in @organizations
|
||||
%tr
|
||||
%td= link_to organization.name, organization_root_path(organization), :class => "u-link"
|
||||
%td= organization.owner&.name || "No Owner"
|
||||
%td= organization.servers.count
|
||||
%td= organization.status
|
||||
%td= organization.created_at.to_s(:long)
|
||||
= paginate @organizations
|
||||
@@ -1,21 +0,0 @@
|
||||
- page_title << "Admin"
|
||||
- page_title << "Stats"
|
||||
|
||||
.pageContent
|
||||
.adminStats
|
||||
%dl.adminStats__stat
|
||||
%dt Total Messages
|
||||
%dd= number_with_delimiter @stats.total_messages
|
||||
|
||||
%dl.adminStats__stat
|
||||
%dt Total Outgoing
|
||||
%dd= number_with_delimiter @stats.total_outgoing
|
||||
|
||||
|
||||
%dl.adminStats__stat
|
||||
%dt Total Incoming
|
||||
%dd= number_with_delimiter @stats.total_incoming
|
||||
|
||||
%dl.adminStats__stat
|
||||
%dt Current Queue Size
|
||||
%dd= number_with_delimiter @queue_size
|
||||
@@ -33,13 +33,11 @@
|
||||
- if organization.admin?(current_user)
|
||||
%li.siteHeader__subMenuItem= link_to "Organization Settings", organization_settings_path(organization), :class => 'siteHeader__subMenuLink'
|
||||
%li.siteHeader__subMenuItem= link_to "Manage Users", organization_users_path(organization), :class => 'siteHeader__subMenuLink'
|
||||
|
||||
%li.siteHeader__subMenuItem.siteHeader__subMenuItem--div= link_to "Create new organization", :new_organization, :class => 'siteHeader__subMenuLink'
|
||||
- if current_user.admin?
|
||||
%li.siteHeader__subMenuItem= link_to "Create new organization", :new_organization, :class => 'siteHeader__subMenuLink'
|
||||
- if current_user.organizations.present.count > 1
|
||||
%li.siteHeader__subMenuItem= link_to "Switch organization", root_path, :class => 'siteHeader__subMenuLink'
|
||||
%li.siteHeader__navItem.siteHeader__navItem--user= current_user.name
|
||||
- if current_user.admin?
|
||||
%li.siteHeader__navItem= link_to "Admin", admin_root_path, :class => 'sideHeader__navItemLink'
|
||||
%li.siteHeader__navItem= link_to "My Settings", settings_path, :class => 'sideHeader__navItemLink'
|
||||
%li.siteHeader__navItem= link_to "Logout", logout_path, :method => :delete, :class => 'sideHeader__navItemLink'
|
||||
|
||||
|
||||
@@ -7,12 +7,16 @@
|
||||
|
||||
- if @organizations.empty?
|
||||
.noData.noData--panda.noData--clean
|
||||
%p.noData__title This is unbearable! You don't have any organizations.
|
||||
%p.noData__text
|
||||
That's not on. You need an organization otherwise you can't do much here. Hit
|
||||
the button below and you'll be up and running with 10,000 free e-mails before
|
||||
you know it.
|
||||
%p.noData__button= link_to "Create your first organization", :new_organization, :class => 'button button--positive'
|
||||
%p.noData__title There are no organizations.
|
||||
- if current_user.admin?
|
||||
%p.noData__text
|
||||
That's not on. You need an organization otherwise you can't do much here. Hit
|
||||
the button below to create the first organization.
|
||||
%p.noData__button= link_to "Create the first organization", :new_organization, :class => 'button button--positive'
|
||||
- else
|
||||
%p.noData__text
|
||||
You don't have access to any organizations yet. Ask your administrator to invite
|
||||
you to some organizations.
|
||||
- else
|
||||
%p.pageContent__intro.u-margin
|
||||
Organizations are entities which are able to deploy mail servers.
|
||||
@@ -25,4 +29,5 @@
|
||||
= link_to organization_root_path(organization), :class => 'largeList__link' do
|
||||
= organization.name
|
||||
|
||||
%p.u-center= link_to "Start another organization", :new_organization, :class => 'button button--positive'
|
||||
- if current_user.admin?
|
||||
%p.u-center= link_to "Start another organization", :new_organization, :class => 'button button--positive'
|
||||
|
||||
@@ -8,39 +8,50 @@
|
||||
|
||||
= render 'organizations/nav', :active_nav => :users
|
||||
.pageContent.pageContent--compact
|
||||
%p.pageContent__intro.u-margin
|
||||
You can share access to your organization with other people by adding them
|
||||
here. They'll need to create their own account first and then you'll be able
|
||||
to add them to your organization by entering their e-mail address.
|
||||
- if @users.empty? && @pending_users.empty?
|
||||
.noData.noData--penguin.noData--clean
|
||||
%p.noData__title There are no users assigned to this organization.
|
||||
%p.noData__text
|
||||
You add additional users that will be permitted to access this organization.
|
||||
They will be sent an email and they'll be able to create an account which will
|
||||
allow them to login and access this organization.
|
||||
%p.noData__button.buttonSet.buttonSet--center
|
||||
= link_to "Invite the first user", [:new, organization, :user], :class => 'button button--positive'
|
||||
|
||||
%ul.userList.u-margin
|
||||
- for user in @users
|
||||
%li.userList__item
|
||||
= image_tag user.user.avatar_url, :class => 'userList__avatar'
|
||||
.userList__details
|
||||
%p.userList__name
|
||||
= user.user.name
|
||||
- if user.user == organization.owner
|
||||
%span.userList__owner.label Owner
|
||||
- elsif user.admin?
|
||||
%span.userList__admin.label Admin
|
||||
%p.userList__email= user.user.email_address
|
||||
%ul.userList__actions
|
||||
- if organization.owner != user.user
|
||||
%li= link_to "Edit permissions", [:edit, organization, user.user]
|
||||
- if organization.owner == current_user
|
||||
%li= link_to "Make owner", [:make_owner, organization, user.user], :method => :post, :data => {:confirm => "Are you sure you wish to make #{user.user.name} the owner of this organization? They will be granted full admin access. You won't be able to change this back.", :disable_with => "Promoting..."}, :remote => true
|
||||
%li= link_to "Revoke access", [organization, user.user], :method => :delete, :data => {:confirm => "Are you sure you wish to revoke #{user.user.name}'s access to the organization?", :disable_with => "Deleting..."}, :remote => true, :class => 'userList__revoke'
|
||||
- for user in @pending_users
|
||||
%li.userList__item
|
||||
= image_tag user.user.avatar_url, :class => 'userList__avatar'
|
||||
.userList__details
|
||||
%p.userList__name
|
||||
= user.user.email_address
|
||||
%span.userList__pending.label Pending
|
||||
%ul.userList__actions
|
||||
%li= link_to "Edit permissions", edit_organization_user_path(organization, user.user, :invite => 1)
|
||||
%li= link_to "Cancel invitation", organization_user_path(organization, user.user, :invite => 1), :method => :delete, :data => {:confirm => "Are you sure you wish to cancel this invitation?", :disable_with => "Deleting..."}, :remote => true, :class => 'userList__revoke'
|
||||
- else
|
||||
%p.pageContent__intro.u-margin
|
||||
You can share access to this organization with other people by adding them
|
||||
here. They'll need to create their own account first and then you'll be able
|
||||
to add them to your organization by entering their e-mail address.
|
||||
|
||||
%ul.userList.u-margin
|
||||
- for user in @users
|
||||
%li.userList__item
|
||||
= image_tag user.user.avatar_url, :class => 'userList__avatar'
|
||||
.userList__details
|
||||
%p.userList__name
|
||||
= user.user.name
|
||||
- if user.user == organization.owner
|
||||
%span.userList__owner.label Owner
|
||||
- elsif user.admin?
|
||||
%span.userList__admin.label Admin
|
||||
%p.userList__email= user.user.email_address
|
||||
%ul.userList__actions
|
||||
- if organization.owner != user.user
|
||||
%li= link_to "Edit permissions", [:edit, organization, user.user]
|
||||
- if organization.owner == current_user
|
||||
%li= link_to "Make owner", [:make_owner, organization, user.user], :method => :post, :data => {:confirm => "Are you sure you wish to make #{user.user.name} the owner of this organization? They will be granted full admin access. You won't be able to change this back.", :disable_with => "Promoting..."}, :remote => true
|
||||
%li= link_to "Revoke access", [organization, user.user], :method => :delete, :data => {:confirm => "Are you sure you wish to revoke #{user.user.name}'s access to the organization?", :disable_with => "Deleting..."}, :remote => true, :class => 'userList__revoke'
|
||||
- for user in @pending_users
|
||||
%li.userList__item
|
||||
= image_tag user.user.avatar_url, :class => 'userList__avatar'
|
||||
.userList__details
|
||||
%p.userList__name
|
||||
= user.user.email_address
|
||||
%span.userList__pending.label Pending
|
||||
%ul.userList__actions
|
||||
%li= link_to "Edit permissions", edit_organization_user_path(organization, user.user, :invite => 1)
|
||||
%li= link_to "Cancel invitation", organization_user_path(organization, user.user, :invite => 1), :method => :delete, :data => {:confirm => "Are you sure you wish to cancel this invitation?", :disable_with => "Deleting..."}, :remote => true, :class => 'userList__revoke'
|
||||
|
||||
|
||||
%p.u-center= link_to "Invite a new user", [:new, organization, :user], :class => 'button button--positive'
|
||||
%p.u-center= link_to "Invite a new user", [:new, organization, :user], :class => 'button button--positive'
|
||||
|
||||
@@ -70,12 +70,6 @@ Rails.application.routes.draw do
|
||||
|
||||
resources :organizations, :except => [:index]
|
||||
|
||||
namespace :admin do
|
||||
resources :organizations
|
||||
get 'stats' => 'stats#stats'
|
||||
root :to => redirect("/admin/organizations")
|
||||
end
|
||||
|
||||
get 'settings' => 'user#edit'
|
||||
patch 'settings' => 'user#update'
|
||||
post 'persist' => 'sessions#persist'
|
||||
|
||||
@@ -159,4 +159,8 @@ module Postal
|
||||
end
|
||||
end
|
||||
|
||||
def self.anonymous_signup?
|
||||
config.general&.anonymous_signup != false
|
||||
end
|
||||
|
||||
end
|
||||
|
||||
المرجع في مشكلة جديدة
حظر مستخدم