Add whitelist mode (#11291)
parent
85b7b565de
commit
24552b5160
@ -0,0 +1,40 @@ |
||||
# frozen_string_literal: true |
||||
|
||||
class Admin::DomainAllowsController < Admin::BaseController |
||||
before_action :set_domain_allow, only: [:destroy] |
||||
|
||||
def new |
||||
authorize :domain_allow, :create? |
||||
|
||||
@domain_allow = DomainAllow.new(domain: params[:_domain]) |
||||
end |
||||
|
||||
def create |
||||
authorize :domain_allow, :create? |
||||
|
||||
@domain_allow = DomainAllow.new(resource_params) |
||||
|
||||
if @domain_allow.save |
||||
log_action :create, @domain_allow |
||||
redirect_to admin_instances_path, notice: I18n.t('admin.domain_allows.created_msg') |
||||
else |
||||
render :new |
||||
end |
||||
end |
||||
|
||||
def destroy |
||||
authorize @domain_allow, :destroy? |
||||
UnallowDomainService.new.call(@domain_allow) |
||||
redirect_to admin_instances_path, notice: I18n.t('admin.domain_allows.destroyed_msg') |
||||
end |
||||
|
||||
private |
||||
|
||||
def set_domain_allow |
||||
@domain_allow = DomainAllow.find(params[:id]) |
||||
end |
||||
|
||||
def resource_params |
||||
params.require(:domain_allow).permit(:domain) |
||||
end |
||||
end |
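Review bot: `destroy` writes nothing to the admin audit log, whereas `create` calls `log_action :create, @domain_allow`. Removing an allow entry is the more consequential of the two actions, because `UnallowDomainService` goes on to suspend and destroy the domain's accounts, so it should be traceable to the admin who triggered it. I would add `log_action :destroy, @domain_allow` after the service call, assuming the action log accepts this record type for `:destroy` as it does for `:create`.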
@ -0,0 +1,33 @@ |
||||
# frozen_string_literal: true |
||||
|
||||
# == Schema Information |
||||
# |
||||
# Table name: domain_allows |
||||
# |
||||
# id :bigint(8) not null, primary key |
||||
# domain :string default(""), not null |
||||
# created_at :datetime not null |
||||
# updated_at :datetime not null |
||||
# |
||||
|
||||
class DomainAllow < ApplicationRecord |
||||
include DomainNormalizable |
||||
|
||||
validates :domain, presence: true, uniqueness: true |
||||
|
||||
scope :matches_domain, ->(value) { where(arel_table[:domain].matches("%#{value}%")) } |
||||
|
||||
class << self |
||||
def allowed?(domain) |
||||
!rule_for(domain).nil? |
||||
end |
||||
|
||||
def rule_for(domain) |
||||
return if domain.blank? |
||||
|
||||
uri = Addressable::URI.new.tap { |u| u.host = domain.gsub(/[\/]/, '') } |
||||
|
||||
find_by(domain: uri.normalized_host) |
||||
end |
||||
end |
||||
end |
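Review bot: `rule_for` assigns the caller-supplied string to the Addressable host with no rescue, so if Addressable rejects the value (it likely raises `Addressable::URI::InvalidURIError` for hosts containing whitespace or other invalid characters), `allowed?` raises instead of answering false. For an allow-list check the safe answer for an unparsable domain is "not allowed", so `rule_for` should end with `rescue Addressable::URI::InvalidURIError` returning `nil`. Separately, `matches_domain` interpolates `value` into the LIKE pattern unescaped, so `%` and `_` in a search term act as wildcards; `"%#{sanitize_sql_like(value)}%"` would make the match literal.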
@ -0,0 +1,11 @@ |
||||
# frozen_string_literal: true |
||||
|
||||
class DomainAllowPolicy < ApplicationPolicy |
||||
def create? |
||||
admin? |
||||
end |
||||
|
||||
def destroy? |
||||
admin? |
||||
end |
||||
end |
@ -0,0 +1,11 @@ |
||||
# frozen_string_literal: true |
||||
|
||||
class UnallowDomainService < BaseService |
||||
def call(domain_allow) |
||||
Account.where(domain: domain_allow.domain).find_each do |account| |
||||
SuspendAccountService.new.call(account, destroy: true) |
||||
end |
||||
|
||||
domain_allow.destroy |
||||
end |
||||
end |
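Review bot: `call` suspends and destroys every account on the domain whether or not whitelist mode is enabled; nothing in it reads `Rails.configuration.x.whitelist_mode`. If an admin can reach this action while the mode is off (the routes are not visible in this part of the commit), deleting a leftover allow entry would irreversibly purge accounts the instance is still meant to federate with. I would guard the loop, for example `return domain_allow.destroy unless Rails.configuration.x.whitelist_mode`. A comment above `call` should also state that the account removal is destructive and cannot be undone.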
@ -0,0 +1,14 @@ |
||||
- content_for :header_tags do |
||||
= javascript_pack_tag 'admin', integrity: true, async: true, crossorigin: 'anonymous' |
||||
|
||||
- content_for :page_title do |
||||
= t('admin.domain_allows.add_new') |
||||
|
||||
= simple_form_for @domain_allow, url: admin_domain_allows_path do |f| |
||||
= render 'shared/error_messages', object: @domain_allow |
||||
|
||||
.fields-group |
||||
= f.input :domain, wrapper: :with_label, label: t('admin.domain_blocks.domain'), required: true |
||||
|
||||
.actions |
||||
= f.button :button, t('admin.domain_allows.add_new'), type: :submit |
@ -0,0 +1,5 @@ |
||||
# frozen_string_literal: true |
||||
|
||||
Rails.application.configure do |
||||
config.x.whitelist_mode = ENV['WHITELIST_MODE'] == 'true' |
||||
end |
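Review bot: The comparison `ENV['WHITELIST_MODE'] == 'true'` is exact, so `TRUE`, `1` or a value with trailing whitespace silently leaves the restriction off. Because this flag gates which domains the instance federates with, a mistyped value fails open with no visible sign. Either normalise the value, `ENV['WHITELIST_MODE'].to_s.strip.casecmp?('true')`, or add a comment stating that only the literal lowercase `true` enables the mode.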
@ -0,0 +1,9 @@ |
||||
class CreateDomainAllows < ActiveRecord::Migration[5.2] |
||||
def change |
||||
create_table :domain_allows do |t| |
||||
t.string :domain, default: '', null: false, index: { unique: true } |
||||
|
||||
t.timestamps |
||||
end |
||||
end |
||||
end |
@ -0,0 +1,3 @@ |
||||
Fabricator(:domain_allow) do |
||||
domain "MyString" |
||||
end |
@ -0,0 +1,5 @@ |
||||
require 'rails_helper' |
||||
|
||||
RSpec.describe DomainAllow, type: :model do |
||||
pending "add some examples to (or delete) #{__FILE__}" |
||||
end |
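Review bot: The model spec is still the generator placeholder, so `DomainAllow.allowed?` and `rule_for`, which decide whether a remote domain is accepted, ship untested. Replace the `pending` line with examples covering at least a listed domain, an unlisted one, a blank value, and a domain given in mixed case or with a trailing slash.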