Redirect root path requests to the tenants administration

When the `multitenancy_management_mode` is enabled. In order to avoid infinite redirects when regular users try to access the admin section, we're redirecting to the account page in this case. Otherwise, the admin section would redirect to the root path, which would redirect to the admin section, which would redirect to the root path, and so on.
2022-12-23 13:46:42 +01:00
parent a5911f5c6a
commit 93b35fcecc
3 changed files with 41 additions and 1 deletions
--- a/app/controllers/concerns/access_denied_handler.rb
+++ b/app/controllers/concerns/access_denied_handler.rb
@@ -4,7 +4,13 @@ module AccessDeniedHandler
  included do
    rescue_from CanCan::AccessDenied do |exception|
      respond_to do |format|
-        format.html { redirect_to main_app.root_path, alert: exception.message }
+        format.html do
+          if Rails.application.multitenancy_management_mode?
+            redirect_to main_app.account_path, alert: exception.message
+          else
+            redirect_to main_app.root_path, alert: exception.message
+          end
+        end
        format.json { render json: { error: exception.message }, status: :forbidden }
      end
    end
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -8,6 +8,10 @@ Rails.application.routes.draw do
  draw :admin
  draw :devise

+  constraints lambda { |request| Rails.application.multitenancy_management_mode? } do
+    get "/", to: "admin/tenants#index"
+  end
+
  constraints lambda { |request| !Rails.application.multitenancy_management_mode? } do
    draw :budget
    draw :comment
--- a/spec/system/multitenancy_management_mode_spec.rb
+++ b/spec/system/multitenancy_management_mode_spec.rb
@@ -25,4 +25,34 @@ describe "Multitenancy management mode", :admin do
      expect(page).to have_css "li", count: 2
    end
  end
+
+  scenario "redirects root path requests to the admin tenants path" do
+    visit root_path
+
+    expect(page).to have_content "CONSUL ADMINISTRATION", normalize_ws: true
+    expect(page).to have_content "Multitenancy"
+    expect(page).not_to have_content "Most active proposals"
+  end
+
+  scenario "does not redirect other tenants when visiting the root path", :seed_tenants do
+    create(:tenant, schema: "mars")
+
+    with_subdomain("mars") do
+      visit root_path
+
+      expect(page).to have_content "Most active proposals"
+      expect(page).not_to have_content "Multitenancy"
+      expect(page).not_to have_content "CONSUL ADMINISTRATION", normalize_ws: true
+    end
+  end
+
+  scenario "redirects to account path when regular users try to access the admin section" do
+    logout
+    login_as(create(:user))
+
+    visit admin_root_path
+
+    expect(page).to have_current_path account_path
+    expect(page).to have_content "You do not have permission to access this page."
+  end
 end