diff --git a/app/controllers/management/base_controller.rb b/app/controllers/management/base_controller.rb index 2a5aba4e6..49a9eaf5d 100644 --- a/app/controllers/management/base_controller.rb +++ b/app/controllers/management/base_controller.rb @@ -1,11 +1,16 @@ class Management::BaseController < ActionController::Base - layout 'admin' + layout 'management' before_action :verify_manager private def verify_manager + raise ActionController::RoutingError.new('Not Found') unless current_manager.present? + end + + def current_manager + @current_manager ||= Manager.find(session["manager_id"]) if session["manager_id"] end end diff --git a/app/controllers/management/sessions_controller.rb b/app/controllers/management/sessions_controller.rb new file mode 100644 index 000000000..47aa3508f --- /dev/null +++ b/app/controllers/management/sessions_controller.rb @@ -0,0 +1,17 @@ +class Management::SessionsController < ActionController::Base + + def create + destroy_session + if manager = Manager.valid_manager(params[:login], params[:clave_usuario]) + session["manager_id"] = manager.id + redirect_to management_root_path + else + raise ActionController::RoutingError.new('Not Found') + end + end + + private + def destroy_session + session["manager_id"] = nil + end +end \ No newline at end of file diff --git a/app/models/manager.rb b/app/models/manager.rb index 1cfc3e545..6dc5cceea 100644 --- a/app/models/manager.rb +++ b/app/models/manager.rb @@ -4,9 +4,9 @@ class Manager < ActiveRecord::Base has_secure_password - def self.valid_auth?(username = nil, password = nil) + def self.valid_manager(username = nil, password = nil) return false unless username.present? && password.present? - Manager.find_by(username: username).try(:authenticate, password).present? + Manager.find_by(username: username).try(:authenticate, password) end end \ No newline at end of file 
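Review bot: Management::BaseController inherits from ActionController::Base and the class body shown in this hunk never calls `protect_from_forgery`, so state-changing actions in its subclasses are not covered by CSRF verification unless the application enables it globally. The same applies to the new Management::SessionsController. The management layout emits `csrf_meta_tags`, but the token is only checked when the controller opts in. Adding `protect_from_forgery with: :exception` at the top of the class would close the gap.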
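Review bot: `create` in sessions_controller.rb keeps the pre-login session and only overwrites `session["manager_id"]`, so whatever session existed before authentication carries over the privilege change; `destroy_session` clears a single key rather than the session. Rails' own guidance against session fixation is to call `reset_session` at sign-in, so replacing the `destroy_session` call with `reset_session` before `session["manager_id"] = manager.id` would give every sign-in attempt a fresh session. The assignment inside the condition, `if manager = Manager.valid_manager(...)`, is also easy to misread as a comparison. Assigning on the line above and testing `if manager` reads more clearly.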
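Review bot: `Manager.valid_manager` now has an undocumented mixed result: `false` from the guard clause and from a failed `authenticate`, `nil` when `find_by` finds no row, and the Manager record on success. A comment above the definition such as `# Returns the authenticated Manager, or nil/false when the credentials are blank or do not match` would make the contract explicit for callers that only test truthiness. An unknown username also returns without running the password-hash comparison, so response time may differ between existing and non-existing usernames; confirm whether that matters for this endpoint. The class body starts and ends outside the hunk.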
diff --git a/app/views/layouts/management.html.erb b/app/views/layouts/management.html.erb new file mode 100644 index 000000000..431ee27c0 --- /dev/null +++ b/app/views/layouts/management.html.erb @@ -0,0 +1,64 @@ + + + + + + + + <%= content_for?(:title) ? yield(:title) : "Admin" %> + <%= stylesheet_link_tag "application" %> + <%= javascript_include_tag "vendor/modernizr" %> + <%= javascript_include_tag "application", 'data-turbolinks-track' => true %> + <%= content_for :head %> + <%= csrf_meta_tags %> + <%= favicon_link_tag "favicon.ico" %> + + + +
+ + +
+ +
+
+
+ +
+ <%= render "/management/menu" %> +
+ +
+ <% if notice %> +
+ ">× + <%= notice %> +
+ <% end %> + + <% if alert %> +
+ ">× + <%= alert %> +
+ <% end %> + + <%= yield %> +
+
+ + diff --git a/config/i18n-tasks.yml b/config/i18n-tasks.yml index b1fa6d362..da441e691 100644 --- a/config/i18n-tasks.yml +++ b/config/i18n-tasks.yml @@ -24,6 +24,7 @@ data: - config/locales/%{locale}.yml - config/locales/admin.%{locale}.yml - config/locales/moderation.%{locale}.yml + - config/locales/management.%{locale}.yml - config/locales/verification.%{locale}.yml - config/locales/mailers.%{locale}.yml - config/locales/pages.%{locale}.yml diff --git a/config/locales/management.es.yml b/config/locales/management.es.yml index 48a6881a0..3da8434b5 100644 --- a/config/locales/management.es.yml +++ b/config/locales/management.es.yml @@ -45,4 +45,3 @@ es: "Hemos enviado un correo electrónico a %{email} para verificar que es suya. El correo enviado contiene un link que el usuario deberá pulsar. Entonces podrá seleccionar una clave de acceso, y entrar en la web de participación." - diff --git a/config/routes.rb b/config/routes.rb index 173f27264..1b1187c90 100644 --- a/config/routes.rb +++ b/config/routes.rb @@ -181,6 +181,10 @@ Rails.application.routes.draw do resources :email_verifications, only: [:new, :create] resources :users, only: [:new, :create] + + get 'sign_in', to: 'sessions#create' + + resources :sessions, only: :create end # Example of regular route: diff --git a/spec/controllers/management/sessions_controller_spec.rb b/spec/controllers/management/sessions_controller_spec.rb new file mode 100644 index 000000000..e895849a7 --- /dev/null +++ b/spec/controllers/management/sessions_controller_spec.rb 
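Review bot: `get 'sign_in', to: 'sessions#create'` in config/routes.rb accepts `login` and `clave_usuario` as query-string parameters, so the password can end up in web-server and proxy logs, browser history and Referer headers. The parameter name is also not matched by a `:password` log filter unless `config.filter_parameters` lists it explicitly. Since `resources :sessions, only: :create` already provides a POST route, consider dropping the GET route or changing it to `post 'sign_in', to: 'sessions#create'`, and adding `:clave_usuario` to `config.filter_parameters`. A GET that changes session state can also be triggered by any cross-site link. The enclosing routes block starts outside the hunk.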
@@ -0,0 +1,28 @@
+require 'rails_helper'
+
+describe Management::SessionsController do
+
+ before(:all) do
+ create(:manager, username: "supermanager" , password: "secret")
+ end
+
+ describe 'Sign up' do
+ it "should return 404 if not username/password" do
+ expect { get :create }.to raise_error "Not Found"
+ end
+
+ it "should return 404 if wrong username" do
+ expect { get :create, login: "nonexistent" , clave_usuario: "secret" }.to raise_error "Not Found"
+ end
+
+ it "should return 404 if wrong password" do
+ expect { get :create, login: "supermanager" , clave_usuario: "wrong" }.to raise_error "Not Found"
+ end
+
+ it "should redirect to management root path if right credentials" do
+ get :create, login: "supermanager" , clave_usuario: "secret"
+ expect(response).to be_redirect
+ end
+ end
+
+end
\ No newline at end of file
diff --git a/spec/models/manager_spec.rb b/spec/models/manager_spec.rb
index 8e08e1224..a6a89427c 100644
--- a/spec/models/manager_spec.rb
+++ b/spec/models/manager_spec.rb
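Review bot: The success example in sessions_controller_spec.rb only checks `be_redirect`, so it would still pass if `create` redirected without storing the manager in the session. None of the failure examples checks that the session stays empty either. Adding `expect(session["manager_id"]).to eq(Manager.find_by(username: "supermanager").id)` to the last example, and `expect(session["manager_id"]).to be_nil` after each rejected attempt, would pin the behaviour that `verify_manager` relies on. The group is labelled `'Sign up'` although it exercises sign-in.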
@@ -20,26 +20,26 @@ describe Manager do end end - describe "self.valid_auth?" do + describe "self.valid_manager" do before(:all) { create(:manager, username: "Silvia" ,password: "supersecret") } it "is false when username is blank" do - expect(Manager.valid_auth?(nil, "supersecret")).to be false + expect(Manager.valid_manager(nil, "supersecret")).to be_blank end it "is false when password is blank" do - expect(Manager.valid_auth?("Silvia", nil)).to be false + expect(Manager.valid_manager("Silvia", nil)).to be_blank end it "is false if manager unexistent" do - expect(Manager.valid_auth?("Manager", "supersecret")).to be false + expect(Manager.valid_manager("Manager", "supersecret")).to be_blank end it "is false if wrong password unexistent" do - expect(Manager.valid_auth?("Silvia", "wrong")).to be false + expect(Manager.valid_manager("Silvia", "wrong")).to be_blank end it "is true if right username/password combination" do - expect(Manager.valid_auth?("Silvia", "supersecret")).to be true + expect(Manager.valid_manager("Silvia", "supersecret")).to be_present end end
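Review bot: The example descriptions in manager_spec.rb still read "is false ..." and "is true ..." while the matchers were loosened to `be_blank` and `be_present`, which accept nil as well as false and any non-blank object. For the success case, `expect(Manager.valid_manager("Silvia", "supersecret")).to eq(Manager.find_by(username: "Silvia"))` would assert that the authenticated record itself is returned. The descriptions could be reworded to "returns nothing when ..." and "returns the manager when ...". The enclosing `describe Manager do` block starts outside the hunk.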