pundit: convert bans to pundit.

evazion
2020-03-17 22:47:49 -05:00
parent ff1d71af2e
commit 3d72e62c77
6 changed files with 121 additions and 152 deletions


@@ -1,59 +1,44 @@
class BansController < ApplicationController
before_action :moderator_only, :except => [:show, :index]
respond_to :html, :xml, :json
helper_method :search_params
def new
@ban = Ban.new(ban_params(:create))
@ban = authorize Ban.new(permitted_attributes(Ban))
respond_with(@ban)
end
def edit
@ban = Ban.find(params[:id])
@ban = authorize Ban.find(params[:id])
respond_with(@ban)
end
def index
@bans = Ban.paginated_search(params, count_pages: true)
@bans = authorize Ban.paginated_search(params, count_pages: true)
@bans = @bans.includes(:user, :banner) if request.format.html?
respond_with(@bans)
end
def show
@ban = Ban.find(params[:id])
@ban = authorize Ban.find(params[:id])
respond_with(@ban)
end
def create
@ban = Ban.create(banner: CurrentUser.user, **ban_params(:create))
if @ban.errors.any?
render :action => "new"
else
redirect_to ban_path(@ban), :notice => "Ban created"
end
@ban = authorize Ban.new(banner: CurrentUser.user, **permitted_attributes(Ban))
@ban.save
respond_with(@ban)
end
def update
@ban = Ban.find(params[:id])
if @ban.update(ban_params(:update))
redirect_to ban_path(@ban), :notice => "Ban updated"
else
render :action => "edit"
end
@ban = authorize Ban.find(params[:id])
@ban.update(permitted_attributes(@ban))
respond_with(@ban)
end
def destroy
@ban = Ban.find(params[:id])
@ban = authorize Ban.find(params[:id])
@ban.destroy
redirect_to bans_path, :notice => "Ban destroyed"
end
private
def ban_params(context)
permitted_params = %i[reason duration expires_at]
permitted_params += %i[user_id user_name] if context == :create
params.fetch(:ban, {}).permit(permitted_params)
respond_with(@ban)
end
end
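Review bot: In `create`, `authorize Ban.new(banner: CurrentUser.user, **permitted_attributes(Ban))` runs the rank check against whatever `record.user` is on the unsaved record, and the create attributes allow the target to arrive as `user_name` as well as `user_id`. If the model resolves `user_name` to a user lazily (in a callback, say) rather than in the setter, which is not visible here, then `record.user.blank?` is true at this point and the level comparison in `BanPolicy#bannable?` is skipped. With `validate :user_is_inferior` removed in the same commit, nothing re-checks the rule on save. I would add a comment above the line, `# authorize needs the resolved target: user_name must already have set user here`, and a controller test asserting that a moderator who submits an admin's `user_name` is refused.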


@@ -6,7 +6,6 @@ class Ban < ApplicationRecord
after_destroy :create_unban_mod_action
belongs_to :user
belongs_to :banner, :class_name => "User"
validate :user_is_inferior
validates_presence_of :reason, :duration
scope :unexpired, -> { where("bans.expires_at > ?", Time.now) }
@@ -49,25 +48,6 @@ class Ban < ApplicationRecord
end
end
def user_is_inferior
if user
if user.is_admin?
errors[:base] << "You can never ban an admin."
false
elsif user.is_moderator? && banner.is_admin?
true
elsif user.is_moderator?
errors[:base] << "Only admins can ban moderators."
false
elsif banner.is_admin? || banner.is_moderator?
true
else
errors[:base] << "No one else can ban."
false
end
end
end
def update_user_on_create
user.update!(is_banned: true)
end
@@ -96,7 +76,7 @@ class Ban < ApplicationRecord
end
def expired?
expires_at < Time.now
persisted? && expires_at < Time.now
end
def create_feedback
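Review bot: Dropping `validate :user_is_inferior` in the first hunk means the who-may-ban-whom rule is no longer a property of the record; it holds only on paths that call `authorize`. Any other code that creates a `Ban` would now save without a rank check; no such caller is visible on this page, so this is a question rather than a finding. Either keep a slim model guard, e.g. `validate { errors.add(:base, "Banner must outrank the banned user") if user && banner && user.level >= banner.level }`, or leave a comment next to the associations, `# rank checks live in BanPolicy; create bans only through an authorized path`. The class body continues outside these hunks.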


@@ -0,0 +1,18 @@
class BanPolicy < ApplicationPolicy
def bannable?
user.is_moderator? && (record.user.blank? || (record.user.level < user.level))
end
alias_method :edit?, :bannable?
alias_method :create?, :bannable?
alias_method :update?, :bannable?
alias_method :destroy?, :bannable?
def permitted_attributes_for_create
[:reason, :duration, :expires_at, :user_id, :user_name]
end
def permitted_attributes_for_update
[:reason, :duration, :expires_at]
end
end
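Review bot: `BanPolicy` defines `edit?`, `create?`, `update?` and `destroy?`, but the controller in this commit also authorizes `new`, `show` and `index`, so those three fall through to whatever `ApplicationPolicy` (not shown) answers. Before this change `show` and `index` were exempt from `moderator_only` and `new` was moderator-only. Stating the intent here keeps the access rules for bans in one place, e.g. `alias_method :new?, :bannable?` plus explicit `index?`/`show?` methods if those pages are meant to stay public. If the `record.user.blank?` branch in `bannable?` exists so the empty new-ban form can be authorized, a one-line comment saying so would stop a later reader from treating it as a bypass or removing it.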


@@ -23,7 +23,7 @@
<div><%= time_ago_in_words_tagged(ban.created_at) %></div>
<% end %>
<% t.column column: "control" do |ban| %>
<% if CurrentUser.is_moderator? %>
<% if policy(ban).update? %>
<%= link_to "Edit", edit_ban_path(ban) %>
| <%= link_to "Delete", ban_path(ban), :method => :delete, :remote => true %>
<% end %>
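Review bot: The `policy(ban).update?` check on the changed line gates the Delete link as well as the Edit link, while the delete request itself is authorized against `destroy?` in the controller. Both are aliases of `bannable?` today, so the rendered output is the same, but the view will show or hide the wrong link if the two rules ever diverge. I would give Delete its own condition, `<% if policy(ban).destroy? %>`, or at least add `<%# update? and destroy? are the same rule in BanPolicy %>` above the check.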