Merge pull request #5057 from consuldemocracy/only_manage_tenants

Add an option to enable the "Multitenancy management mode"
2024-11-06 14:59:50 +01:00
parent c91501a056 4972c51974
commit d242170771
36 changed files with 671 additions and 403 deletions
--- a/app/assets/stylesheets/admin/menu.scss
+++ b/app/assets/stylesheets/admin/menu.scss
@@ -109,6 +109,14 @@
    &.ml-link {
      @include icon(brain, solid);
    }
+
+    &.administrators-link {
+      @include icon(user, solid);
+    }
+
+    &.tenants-link {
+      @include icon(building, regular);
+    }
  }

  li {
--- a/app/components/admin/menu_component.rb
+++ b/app/components/admin/menu_component.rb
@@ -3,6 +3,16 @@ class Admin::MenuComponent < ApplicationComponent
  use_helpers :can?

  def links
+    if Rails.application.multitenancy_management_mode?
+      multitenancy_management_links
+    else
+      default_links
+    end
+  end
+
+  private
+
+    def default_links
      [
        (proposals_link if feature?(:proposals)),
        (debates_link if feature?(:debates)),
@@ -23,7 +33,9 @@ class Admin::MenuComponent < ApplicationComponent
      ]
    end

-  private
+    def multitenancy_management_links
+      [tenants_link, administrators_link]
+    end

    def moderated_content?
      moderated_sections.include?(controller_name) && controller.class.module_parent != Admin::Legislation
@@ -395,7 +407,8 @@ class Admin::MenuComponent < ApplicationComponent
      [
        t("admin.menu.administrators"),
        admin_administrators_path,
-        controller_name == "administrators"
+        controller_name == "administrators",
+        class: "administrators-link"
      ]
    end

@@ -482,7 +495,8 @@ class Admin::MenuComponent < ApplicationComponent
        [
          t("admin.menu.multitenancy"),
          admin_tenants_path,
-          controller_name == "tenants"
+          controller_name == "tenants",
+          class: "tenants-link"
        ]
      end
    end
--- a/app/components/layout/admin_header_component.html.erb
+++ b/app/components/layout/admin_header_component.html.erb
@@ -2,9 +2,11 @@
  <div class="top-links">
    <%= render Layout::LocaleSwitcherComponent.new %>

+    <% if show_link_to_root_path? %>
      <%= link_to root_path do %>
        <%= t("admin.dashboard.index.back", org: setting["org_name"]) %>
      <% end %>
+    <% end %>
  </div>

  <div class="top-bar">
--- a/app/components/layout/admin_header_component.rb
+++ b/app/components/layout/admin_header_component.rb
@@ -29,4 +29,8 @@ class Layout::AdminHeaderComponent < ApplicationComponent
    def show_account_menu?
      show_admin_menu?(user) || namespace != "management"
    end
+
+    def show_link_to_root_path?
+      !Rails.application.multitenancy_management_mode?
+    end
 end
--- a/app/components/layout/admin_login_items_component.rb
+++ b/app/components/layout/admin_login_items_component.rb
@@ -7,7 +7,7 @@ class Layout::AdminLoginItemsComponent < ApplicationComponent
  end

  def render?
-    show_admin_menu?(user)
+    show_admin_menu?(user) && !Rails.application.multitenancy_management_mode?
  end

  private
--- a/app/components/layout/footer_component.rb
+++ b/app/components/layout/footer_component.rb
@@ -1,6 +1,10 @@
 class Layout::FooterComponent < ApplicationComponent
  use_helpers :content_block

+  def render?
+    !Rails.application.multitenancy_management_mode?
+  end
+
  def footer_legal_content_block
    content_block("footer_legal")
  end
--- a/app/components/layout/login_items_component.html.erb
+++ b/app/components/layout/login_items_component.html.erb
@@ -1,4 +1,5 @@
 <% if user %>
+  <% if show_my_activity_link? %>
    <li>
      <%= layout_menu_link_to t("layouts.header.my_activity_link"),
                              user_path(user),
@@ -7,6 +8,7 @@
                              title: t("shared.go_to_page") +
                                     t("layouts.header.my_activity_link") %>
    </li>
+  <% end %>
  <li>
    <%= layout_menu_link_to t("layouts.header.my_account_link"),
                            account_path,
--- a/app/components/layout/login_items_component.rb
+++ b/app/components/layout/login_items_component.rb
@@ -5,4 +5,10 @@ class Layout::LoginItemsComponent < ApplicationComponent
  def initialize(user)
    @user = user
  end
+
+  private
+
+    def show_my_activity_link?
+      !Rails.application.multitenancy_management_mode?
+    end
 end
--- a/app/components/layout/notification_item_component.html.erb
+++ b/app/components/layout/notification_item_component.html.erb
@@ -1,4 +1,3 @@
-<% if user %>
 <li id="notifications">
  <%= link_to notifications_path, rel: "nofollow",
                                  title: text,
@@ -9,4 +8,3 @@
    <span class="show-for-small-only"><%= text %></span>
  <% end %>
 </li>
-<% end %>
--- a/app/components/layout/notification_item_component.rb
+++ b/app/components/layout/notification_item_component.rb
@@ -5,6 +5,10 @@ class Layout::NotificationItemComponent < ApplicationComponent
    @user = user
  end

+  def render?
+    user.present? && !Rails.application.multitenancy_management_mode?
+  end
+
  private

    def text
--- a/app/components/layout/subnavigation_component.rb
+++ b/app/components/layout/subnavigation_component.rb
@@ -1,3 +1,7 @@
 class Layout::SubnavigationComponent < ApplicationComponent
  use_helpers :content_block, :layout_menu_link_to
+
+  def render?
+    !Rails.application.multitenancy_management_mode?
+  end
 end
--- a/app/controllers/concerns/access_denied_handler.rb
+++ b/app/controllers/concerns/access_denied_handler.rb
@@ -4,7 +4,13 @@ module AccessDeniedHandler
  included do
    rescue_from CanCan::AccessDenied do |exception|
      respond_to do |format|
-        format.html { redirect_to main_app.root_path, alert: exception.message }
+        format.html do
+          if Rails.application.multitenancy_management_mode?
+            redirect_to main_app.account_path, alert: exception.message
+          else
+            redirect_to main_app.root_path, alert: exception.message
+          end
+        end
        format.json { render json: { error: exception.message }, status: :forbidden }
      end
    end
--- a/app/controllers/users/sessions_controller.rb
+++ b/app/controllers/users/sessions_controller.rb
@@ -7,7 +7,9 @@ class Users::SessionsController < Devise::SessionsController
  private

    def after_sign_in_path_for(resource)
-      if !verifying_via_email? && resource.show_welcome_screen?
+      if Rails.application.multitenancy_management_mode? && !resource.administrator?
+        account_path
+      elsif !verifying_via_email? && resource.show_welcome_screen?
        welcome_path
      else
        super
--- a/config/application.rb
+++ b/config/application.rb
@@ -159,6 +159,12 @@ module Consul

    # Set to true to enable managing different tenants using the same application
    config.multitenancy = Rails.application.secrets.multitenancy
+    # Set to true if you want that the default tenant only to be used to manage other tenants
+    config.multitenancy_management_mode = Rails.application.secrets.multitenancy_management_mode
+
+    def multitenancy_management_mode?
+      config.multitenancy && Tenant.default? && config.multitenancy_management_mode
+    end
  end
 end

--- a/config/routes.rb
+++ b/config/routes.rb
@@ -6,11 +6,17 @@ Rails.application.routes.draw do

  draw :account
  draw :admin
+  draw :devise
+
+  constraints lambda { |request| Rails.application.multitenancy_management_mode? } do
+    get "/", to: "admin/tenants#index"
+  end
+
+  constraints lambda { |request| !Rails.application.multitenancy_management_mode? } do
    draw :budget
    draw :comment
    draw :community
    draw :debate
-  draw :devise
    draw :direct_upload
    draw :document
    draw :graphql
@@ -47,3 +53,35 @@ Rails.application.routes.draw do
    # Static pages
    resources :pages, path: "/", only: [:show]
  end
+
+  resolve "Budget::Investment" do |investment, options|
+    [investment.budget, :investment, options.merge(id: investment)]
+  end
+
+  resolve("Topic") { |topic, options| [topic.community, topic, options] }
+
+  resolve "Legislation::Proposal" do |proposal, options|
+    [proposal.process, :proposal, options.merge(id: proposal)]
+  end
+
+  resolve "Vote" do |vote, options|
+    [*resource_hierarchy_for(vote.votable), vote, options]
+  end
+
+  resolve "Legislation::Question" do |question, options|
+    [question.process, :question, options.merge(id: question)]
+  end
+
+  resolve "Legislation::Annotation" do |annotation, options|
+    [annotation.draft_version.process, :draft_version, :annotation,
+     options.merge(draft_version_id: annotation.draft_version, id: annotation)]
+  end
+
+  resolve "Poll::Question" do |question, options|
+    [:question, options.merge(id: question)]
+  end
+
+  resolve "SDG::LocalTarget" do |target, options|
+    [:local_target, options.merge(id: target)]
+  end
+end
--- a/config/routes/admin.rb
+++ b/config/routes/admin.rb
@@ -1,5 +1,18 @@
 namespace :admin do
  root to: "dashboard#index"
+
+  resources :administrators, only: [:index, :create, :destroy, :edit, :update] do
+    get :search, on: :collection
+  end
+
+  resources :tenants, except: [:show, :destroy] do
+    member do
+      put :hide
+      put :restore
+    end
+  end
+
+  constraints lambda { |request| !Rails.application.multitenancy_management_mode? } do
    resources :organizations, only: :index do
      get :search, on: :collection
      member do
@@ -147,10 +160,6 @@ namespace :admin do
      resources :managers, only: [:index, :create, :destroy]
    end

-  resources :administrators, only: [:index, :create, :destroy, :edit, :update] do
-    get :search, on: :collection
-  end
-
    resources :users, only: [:index, :show]

    scope module: :poll do
@@ -295,12 +304,6 @@ namespace :admin do
      post :execute, on: :collection
      delete :cancel, on: :collection
    end
-
-  resources :tenants, except: [:show, :destroy] do
-    member do
-      put :hide
-      put :restore
-    end
  end
 end

--- a/config/routes/budget.rb
+++ b/config/routes/budget.rb
@@ -19,7 +19,3 @@ resources :budgets, only: [:show, :index] do
  resource :stats, only: :show, controller: "budgets/stats"
  resource :executions, only: :show, controller: "budgets/executions"
 end
-
-resolve "Budget::Investment" do |investment, options|
-  [investment.budget, :investment, options.merge(id: investment)]
-end
--- a/config/routes/community.rb
+++ b/config/routes/community.rb
@@ -1,5 +1,3 @@
 resources :communities, only: [:show] do
  resources :topics
 end
-
-resolve("Topic") { |topic, options| [topic.community, topic, options] }
--- a/config/routes/custom.rb
+++ b/config/routes/custom.rb
@@ -26,3 +26,12 @@
 # over the default routes. So, if you define a route for `/proposals`,
 # the default action for `/proposals` will not be used and the one you
 # define will be used instead.
+
+constraints lambda { |request| !Rails.application.multitenancy_management_mode? } do
+  # The routes defined within this block will not be accessible if multitenancy
+  # management mode is enabled. If you need these routes to be accessible when
+  # using multitenancy management mode, you should define them outside of this block.
+  #
+  # If multitenancy management mode is not being used, routes can be included within
+  # this block and will still be accessible.
+end
--- a/config/routes/legislation.rb
+++ b/config/routes/legislation.rb
@@ -39,20 +39,3 @@ namespace :legislation do
    end
  end
 end
-
-resolve "Legislation::Proposal" do |proposal, options|
-  [proposal.process, :proposal, options.merge(id: proposal)]
-end
-
-resolve "Vote" do |vote, options|
-  [*resource_hierarchy_for(vote.votable), vote, options]
-end
-
-resolve "Legislation::Question" do |question, options|
-  [question.process, :question, options.merge(id: question)]
-end
-
-resolve "Legislation::Annotation" do |annotation, options|
-  [annotation.draft_version.process, :draft_version, :annotation,
-   options.merge(draft_version_id: annotation.draft_version, id: annotation)]
-end
--- a/config/routes/poll.rb
+++ b/config/routes/poll.rb
@@ -8,7 +8,3 @@ resources :polls, only: [:show, :index] do
    resources :answers, controller: "polls/answers", only: [:create, :destroy], shallow: false
  end
 end
-
-resolve "Poll::Question" do |question, options|
-  [:question, options.merge(id: question)]
-end
--- a/config/routes/sdg_management.rb
+++ b/config/routes/sdg_management.rb
@@ -24,7 +24,3 @@ namespace :sdg_management do
    get "#{type}/:id/edit", to: "relations#edit", as: "edit_#{type.singularize}"
  end
 end
-
-resolve "SDG::LocalTarget" do |target, options|
-  [:local_target, options.merge(id: target)]
-end
--- a/config/secrets.yml.example
+++ b/config/secrets.yml.example
@@ -22,6 +22,7 @@ development:
  authentication_logs: false
  devise_lockable: false
  multitenancy: false
+  multitenancy_management_mode: false
  security:
    # allowed_admin_ips: ["123.45.67.89", "192.168.1.0/24"]
    last_sign_in: false
@@ -64,6 +65,7 @@ staging:
  managers_url: ""
  managers_application_key: ""
  multitenancy: false
+  multitenancy_management_mode: false
  security:
    # allowed_admin_ips: ["123.45.67.89", "192.168.1.0/24"]
    last_sign_in: false
@@ -119,6 +121,7 @@ preproduction:
  managers_url: ""
  managers_application_key: ""
  multitenancy: false
+  multitenancy_management_mode: false
  security:
    # allowed_admin_ips: ["123.45.67.89", "192.168.1.0/24"]
    last_sign_in: false
@@ -173,6 +176,7 @@ production:
  managers_url: ""
  managers_application_key: ""
  multitenancy: false
+  multitenancy_management_mode: false
  security:
    # allowed_admin_ips: ["123.45.67.89", "192.168.1.0/24"]
    last_sign_in: false
--- a/docs/en/features/multitenancy.md
+++ b/docs/en/features/multitenancy.md
@@ -78,6 +78,21 @@ Note that, if you use a different domain for a tenant, you'll have to configure

 When adding a new tenant, an admin user **copying the same login data as the administrator creating the tenant** will be automatically created. Note this user is stored in the database schema of the new tenant, so changing their password in one tenant won't change their password in any other tenants.

+### Multitenancy management mode
+
+The `multitenancy_management_mode` setting allows using the main tenant solely for managing other tenants and admin users, hiding any other admin panel functionality or public content.
+
+There are two possible ways to enable multitenancy management mode:
+
+* Adding `config.multitenancy_management_mode = true` inside the `class Application < Rails::Application` class in the `config/application_custom.rb` file
+* Replacing the line `multitenancy_management_mode: false` with `multitenancy_management_mode: true` (or adding it if it isn't already there) in the `config/secrets.yml` file
+
+We recommend using the same method that has been used to enable the multitenancy functionality in the [Common step for all Consul Democracy installations](#common-step-for-all-consul-democracy-installations) section.
+
+After enabling this option, restart the application and you will see the administration panel as follows:
+
+![The administration panel only contains links to multitenancy and administrators](../../img/multitenancy/management-mode-en.png)
+
 ## Steps to take after adding a tenant

 ### SSL certificates
--- a/docs/es/features/multitenancy.md
+++ b/docs/es/features/multitenancy.md
@@ -78,6 +78,21 @@ Nótese que, si estás usando un dominio distinto para una entidad, tendrás que

 Al añadir una nueva entidad, se creará automáticamente un usuario con permiso de administrador para esta nueva entidad **cuyos datos de acceso serán una copia de los del administrador que crea la entidad**. Este usuario se almacenará en el esquema de base de datos de la nueva entidad, con lo que cambiar su contraseña en una entidad no cambiará su contraseña en otras entidades.

+### Modo de gestión de multientidad
+
+La configuración `multitenancy_management_mode` permite utilizar la entidad principal únicamente para gestionar otras entidades y usuarios administradores, ocultando cualquier otra funcionalidad del panel de administración o contenido público.
+
+Existen dos posibles maneras de habilitar este modo de gestión de multientidad:
+
+* Añadiendo `config.multitenancy_management_mode = true` dentro de la clase `class Application < Rails::Application` del fichero `config/application_custom.rb`
+* Cambiando la línea `multitenancy_management_mode: false` por `multitenancy_management_mode: true` (o añadiéndola si no está ya ahí) en el fichero `config/secrets.yml`
+
+Recomendamos utilizar el mismo método que se ha utilizado para habilitar la funcionalidad de multientidad en la sección [Paso común a todas las instalaciones de Consul Democracy](#paso-común-a-todas-las-instalaciones-de-consul-democracy).
+
+Tras habilitar esta opción, reinicia la aplicación y podrás ver el panel de administración de la siguiente manera:
+
+![El panel de administración sólo contiene enlaces a multientidad y administradores](../../img/multitenancy/management-mode-es.png)
+
 ## Pasos a realizar tras añadir una entidad

 ### Certificados SSL
--- a/docs/img/multitenancy/management-mode-en.png
+++ b/docs/img/multitenancy/management-mode-en.png
--- a/docs/img/multitenancy/management-mode-es.png
+++ b/docs/img/multitenancy/management-mode-es.png
--- a/spec/components/admin/menu_component_spec.rb
+++ b/spec/components/admin/menu_component_spec.rb
@@ -1,6 +1,6 @@
 require "rails_helper"

-describe Admin::MenuComponent, controller: Admin::NewslettersController do
+describe Admin::MenuComponent, :admin, controller: Admin::NewslettersController do
  it "disables all buttons when JavaScript isn't available" do
    render_inline Admin::MenuComponent.new

@@ -20,6 +20,17 @@ describe Admin::MenuComponent, controller: Admin::NewslettersController do
    expect(page).to have_css "button[aria-expanded='false']", exact_text: "Settings"
  end

+  it "only renders the multitenancy and administrators sections in multitenancy management mode" do
+    allow(Rails.application.config).to receive(:multitenancy_management_mode).and_return(true)
+
+    render_inline Admin::MenuComponent.new
+
+    expect(page).to have_css "#admin_menu"
+    expect(page).to have_link "Multitenancy"
+    expect(page).to have_link "Administrators"
+    expect(page).to have_link count: 2
+  end
+
  describe "#polls_link" do
    it "is marked as current when managing poll options",
       controller: Admin::Poll::Questions::OptionsController do
--- a/spec/components/layout/admin_header_component_spec.rb
+++ b/spec/components/layout/admin_header_component_spec.rb
@@ -35,4 +35,13 @@ describe Layout::AdminHeaderComponent do
      expect(page).not_to have_css "[data-toggle]"
    end
  end
+
+  it "does not show link to root path when multitenancy_management_mode is enabled" do
+    allow(Rails.application.config).to receive(:multitenancy_management_mode).and_return(true)
+    create(:administrator, user: user)
+
+    render_inline Layout::AdminHeaderComponent.new(user)
+
+    expect(page).not_to have_link "Go back to CONSUL"
+  end
 end
--- a/spec/components/layout/admin_login_items_component_spec.rb
+++ b/spec/components/layout/admin_login_items_component_spec.rb
@@ -15,6 +15,15 @@ describe Layout::AdminLoginItemsComponent do
    expect(page).not_to be_rendered
  end

+  it "is not rendered when multitenancy_management_mode is enabled" do
+    allow(Rails.application.config).to receive(:multitenancy_management_mode).and_return(true)
+    user = create(:administrator).user
+
+    render_inline Layout::AdminLoginItemsComponent.new(user)
+
+    expect(page).not_to be_rendered
+  end
+
  it "shows access to all places except officing to administrators" do
    user = create(:administrator).user

--- a/spec/components/layout/footer_component_spec.rb
+++ b/spec/components/layout/footer_component_spec.rb
@@ -13,4 +13,11 @@ describe Layout::FooterComponent do
      end
    end
  end
+
+  it "is not rendered when multitenancy_management_mode is enabled" do
+    allow(Rails.application.config).to receive(:multitenancy_management_mode).and_return(true)
+    render_inline Layout::FooterComponent.new
+
+    expect(page).not_to be_rendered
+  end
 end
--- a/spec/components/layout/login_items_component_spec.rb
+++ b/spec/components/layout/login_items_component_spec.rb
@@ -0,0 +1,11 @@
+require "rails_helper"
+
+describe Layout::LoginItemsComponent do
+  it "does not show the my activity link when multitenancy_management_mode is enabled" do
+    allow(Rails.application.config).to receive(:multitenancy_management_mode).and_return(true)
+
+    render_inline Layout::LoginItemsComponent.new(create(:user))
+
+    expect(page).not_to have_content "My content"
+  end
+end
--- a/spec/components/layout/notification_item_component_spec.rb
+++ b/spec/components/layout/notification_item_component_spec.rb
@@ -0,0 +1,22 @@
+require "rails_helper"
+
+describe Layout::NotificationItemComponent do
+  it "is not rendered for anonymous users" do
+    render_inline Layout::NotificationItemComponent.new(nil)
+
+    expect(page).not_to be_rendered
+  end
+
+  it "is rendered for identified users" do
+    render_inline Layout::NotificationItemComponent.new(create(:user))
+
+    expect(page).to be_rendered
+  end
+
+  it "is not rendered when multitenancy_management_mode is enabled" do
+    allow(Rails.application.config).to receive(:multitenancy_management_mode).and_return(true)
+    render_inline Layout::NotificationItemComponent.new(create(:user))
+
+    expect(page).not_to be_rendered
+  end
+end
--- a/spec/components/layout/subnavigation_component_spec.rb
+++ b/spec/components/layout/subnavigation_component_spec.rb
@@ -0,0 +1,10 @@
+require "rails_helper"
+
+describe Layout::SubnavigationComponent do
+  it "is not rendered when multitenancy_management_mode is enabled" do
+    allow(Rails.application.config).to receive(:multitenancy_management_mode).and_return(true)
+    render_inline Layout::SubnavigationComponent.new
+
+    expect(page).not_to be_rendered
+  end
+end
--- a/spec/controllers/users/sessions_controller_spec.rb
+++ b/spec/controllers/users/sessions_controller_spec.rb
@@ -69,4 +69,22 @@ describe Users::SessionsController do
      end
    end
  end
+
+  describe "after_sign_in_path_for" do
+    it "redirects to account path when multitenancy_management_mode is enabled and user is not an admin" do
+      allow(Rails.application.config).to receive(:multitenancy_management_mode).and_return(true)
+
+      post :create, params: { user: { login: "citizen@consul.org", password: "12345678" }}
+
+      expect(response).to redirect_to account_path
+    end
+
+    it "redirects to welcome path when multitenancy_management_mode is disabled" do
+      allow(Rails.application.config).to receive(:multitenancy_management_mode).and_return(false)
+
+      post :create, params: { user: { login: "citizen@consul.org", password: "12345678" }}
+
+      expect(response).to redirect_to welcome_path
+    end
+  end
 end
--- a/spec/system/multitenancy_management_mode_spec.rb
+++ b/spec/system/multitenancy_management_mode_spec.rb
@@ -0,0 +1,58 @@
+require "rails_helper"
+
+describe "Multitenancy management mode", :admin do
+  before do
+    allow(Rails.application.config).to receive(:multitenancy_management_mode).and_return(true)
+    Setting["org_name"] = "CONSUL"
+  end
+
+  scenario "renders expected content for multitenancy manage mode in admin section" do
+    visit admin_root_path
+
+    within ".top-links" do
+      expect(page).not_to have_content "Go back to CONSUL"
+    end
+
+    within ".top-bar" do
+      expect(page).to have_css "li", count: 2
+      expect(page).to have_content "My account"
+      expect(page).to have_content "Sign out"
+    end
+
+    within "#admin_menu" do
+      expect(page).to have_content "Multitenancy"
+      expect(page).to have_content "Administrators"
+      expect(page).to have_css "li", count: 2
+    end
+  end
+
+  scenario "redirects root path requests to the admin tenants path" do
+    visit root_path
+
+    expect(page).to have_content "CONSUL ADMINISTRATION", normalize_ws: true
+    expect(page).to have_content "Multitenancy"
+    expect(page).not_to have_content "Most active proposals"
+  end
+
+  scenario "does not redirect other tenants when visiting the root path", :seed_tenants do
+    create(:tenant, schema: "mars")
+
+    with_subdomain("mars") do
+      visit root_path
+
+      expect(page).to have_content "Most active proposals"
+      expect(page).not_to have_content "Multitenancy"
+      expect(page).not_to have_content "CONSUL ADMINISTRATION", normalize_ws: true
+    end
+  end
+
+  scenario "redirects to account path when regular users try to access the admin section" do
+    logout
+    login_as(create(:user))
+
+    visit admin_root_path
+
+    expect(page).to have_current_path account_path
+    expect(page).to have_content "You do not have permission to access this page."
+  end
+end