Commit 39578bf7 authored by mh's avatar mh

working through the admin stuff

* completely disable user routes in the admin interface, imho they don't provide any value other than potential confusion
* work through the domain & users controller and adapt certain rails patterns
* try to make sure forms are filled on error
* make sure we use the _path helpers where possible
* try to further unify how the routes look
* rename IndexController to WelcomeController as index#index sounds weird (nonsense change)
* match formfields to the param name itself, forms could be cleaned up more
* make it possible to create a forward together with a mailbox, we do that sometimes
* introduce a feature flag toggle. tbi.
parent a35969ee
......@@ -35,6 +35,11 @@ class ApplicationController < ActionController::Base
end
helper_method :admin?
def feature_toggle?(feature)
false
end
helper_method :feature_toggle?
def authorize
if !current_user
redirect_to '/login'
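Review bot: `feature_toggle?` ignores its `feature` argument and returns `false` for every name, and nothing in the hunk marks it as a stub, so a view that guards a link with it will silently hide that link. A comment above the method such as `# Stub: every feature is reported as disabled until toggle storage is implemented.` would make that explicit. The enclosing class starts and ends outside this hunk.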
......
......@@ -161,9 +161,10 @@ module ApiBackend
})
end
def self.create_new_mailbox_admin(email, pw, trees_enabled, recovery_email, keep_recovery_token)
def self.create_new_mailbox_admin(email, pw, forward, trees_enabled, recovery_email, keep_recovery_token)
post(['users_admin', 'create_new_mailbox'], {"email" => email,
"password" => pw,
"forward" => forward,
"trees_enabled" => trees_enabled,
"recovery_email" => recovery_email,
"keep_recovery_token" => keep_recovery_token,
......
class DomainsController < ApplicationController
def show
before_action :fetch_domain, :only => ['delete','edit','update']
def index
@domains = ApiBackend::list_domains
end
def edit
domain = params[:domain]
if request.post?
if params[:delete]
begin
ApiBackend::delete_domain(domain)
redirect_to '/domains' and return
rescue
flash[:notice] = :fail
end
else
values = {
forward: params[:forward],
isdomainalias: params[:domainalias] == 'yes',
iscatchall: params[:catchall] == 'yes',
ispublic: params[:public] == 'yes',
}
begin
ApiBackend::update_domain(domain, values)
redirect_to '/domains' and return
rescue
flash[:notice] = :fail
end
end
end
@domain = ApiBackend::get_domain(params[:domain])['domain']
def new
@domain = {}
end
def update
values = {
'forward' => params[:forward],
'isdomainalias' => (params[:isdomainalias] == 'yes'),
'iscatchall' => (params[:iscatchall] == 'yes'),
'ispublic' => (params[:ispublic] == 'yes'),
}
ApiBackend::update_domain(@domain['domain'], values)
redirect_to '/domains' and return
rescue ApiBackend::ApiError
flash[:notice] = :fail
@domain = values.merge({'domain' => @domain['domain'] })
puts @domain.inspect
render 'edit'
end
def delete
ApiBackend::delete_domain(@domain['domain'])
redirect_to '/domains' and return
rescue ApiBackend::ApiError
flash[:notice] = :fail
end
def create
if request.post?
values = {
forward: params[:forward],
isdomainalias: params[:domainalias] == 'yes',
iscatchall: params[:catchall] == 'yes',
ispublic: params[:public] == 'yes',
}
begin
ApiBackend::create_domain(params[:domain], values)
redirect_to '/domains' and return
rescue
flash[:notice] = :fail
render 'edit'
end
else
render 'edit'
end
values = {
'forward' => params[:forward],
'isdomainalias' => (params[:isdomainalias] == 'yes'),
'iscatchall' => (params[:iscatchall] == 'yes'),
'ispublic' => (params[:ispublic] == 'yes'),
}
ApiBackend::create_domain(params[:domain], values)
redirect_to '/domains' and return
rescue ApiBackend::ApiError
flash[:notice] = :fail
@domain = values.merge({'domain' => params[:domain] })
render 'new'
end
private
def fetch_domain
@domain = ApiBackend::get_domain(params[:domain])['domain']
rescue ApiBackend::ApiError
flash[:notice] = :fail
redirect_to domains_path
end
end
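Review bot: In the new `delete` action the `rescue ApiBackend::ApiError` branch only sets `flash[:notice] = :fail` and then falls through, so Rails will attempt an implicit render of a `delete` template, which is not among the views shown on this page. Ending the branch with `render 'edit'` (as `update` does) or `redirect_to domains_path` gives the failure a defined response. The failure path of `update` also still contains `puts @domain.inspect`, which looks like leftover debugging and should be dropped or turned into a `Rails.logger.debug` call. Separately, this controller inherits from `ApplicationController` while `UsersController` inherits from `AdminController`; no admin check for the domain create, update and delete actions is visible in this section, so it is worth confirming that one is applied elsewhere.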
class IndexController < ApplicationController
end
......@@ -18,6 +18,6 @@ class PasswordController < ApplicationController
redirect_to '/password' and return
end
flash[:notice] = :password_changed
redirect_to '/index'
redirect_to '/'
end
end
......@@ -42,11 +42,7 @@ class SessionsController < ApplicationController
if trees_enabled? && res['trees_recovery_token_present']
flash[:notice] = :recovery_token_hint
end
if admin?
redirect_to '/admin'
else
redirect_to '/'
end
redirect_to '/'
end
# successful login
flash[:notice] = nil
......
class UsersController < AdminController
def show
def index
@only_mailbox = (params['only_mailbox'] == 'true') || nil
begin
res = ApiBackend::list((if params[:filter] != "" then params[:filter] else nil end),
(if params[:domain] != "" then params[:domain] else nil end),
res = ApiBackend::list((if params[:filter].present? then params[:filter] else nil end),
(if params[:domain].present? then params[:domain] else nil end),
@only_mailbox)
@users = res['users']
rescue
rescue ApiBackend::ApiError
flash[:notice] = :fail
end
end
def create
full_email = "#{params[:alias]}@#{params[:domain]}"
begin
if params[:forward]
ApiBackend::create_new_forward_admin(full_email, params[:forward])
else
ApiBackend::create_new_mailbox_admin(
full_email, params[:password], params[:enable_trees],
params[:recovery_email], params[:keep_recovery_token] == 'yes')
end
rescue => e
flash[:notice] = e.api_msg || :failed
if params[:forward].present? && !params[:password].present?
ApiBackend::create_new_forward_admin(full_email, params[:forward])
else
ApiBackend::create_new_mailbox_admin(
full_email,
params[:password],
params[:forward],
params[:enable_trees],
params[:recovery_email],
(params[:keep_recovery_token] == 'yes')
)
end
redirect_to '/users'
redirect_to users_path and return
rescue ApiBackend::ApiError => e
flash[:notice] = e.api_msg || :failed
fetch_deps
@the_user = {
'forward' => params[:forward],
'alias' => params[:alias],
'domain' => params[:domain],
'password' => params[:password],
'enable_trees' => params[:enable_trees],
'recovery_email' => params[:recovery_email],
'keep_recovery_token' => params[:keep_recovery_token],
}
render 'new' if @domains.present?
end
def new
@domains = ApiBackend::list_domains
@storagehosts = ApiBackend::storagehosts
render 'create'
fetch_deps
@the_user = {}
render 'new' if @domains.present?
end
def update
......@@ -60,16 +75,16 @@ class UsersController < AdminController
ApiBackend::user_update(params[:email], action, value)
flash[:notice] = :success
if action == :delete
redirect_to '/users' and return
redirect_to users_path and return
end
rescue
rescue ApiBackend::ApiError
flash[:notice] = :failed
end
else
flash[:notice] = :not_implemented
end
load_user
render 'edit'
render 'edit' if @the_user
end
def edit
......@@ -80,12 +95,19 @@ class UsersController < AdminController
def load_user
@email = params[:email]
@the_user = nil
res = ApiBackend::user_info(@email)
@the_user = res['user']
rescue ApiBackend::ApiError
flash[:notice] = :fail
redirect_to users_path
end
def fetch_deps
@domains = ApiBackend::list_domains
begin
res = ApiBackend::user_info(@email)
@the_user = res['user']
rescue
end
@storagehosts = ApiBackend::storagehosts
rescue ApiBackend::ApiError
flash[:notice] = :fail
redirect_to users_path
end
end
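Review bot: `fetch_deps` can leave `@domains` populated and still redirect. If `ApiBackend::list_domains` succeeds and `ApiBackend::storagehosts` raises `ApiBackend::ApiError`, the rescue calls `redirect_to users_path`, and the `render 'new' if @domains.present?` in `new` and in the rescue branch of `create` then renders a second time (a DoubleRenderError in Rails). Guarding on the response instead, `render 'new' unless performed?`, covers both failure orders; `render 'edit' if @the_user` after `load_user` is fine because `@the_user` is reset to nil first. In the same rescue branch of `create`, `@the_user` carries `'password' => params[:password]`; the form template is not on this page, but if it pre-fills the password field from that hash the submitted password is written back into the HTML response, so I would leave that key out.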
class WelcomeController < ApplicationController
end
......@@ -14,7 +14,7 @@
<ul>
<% @passwords.each do |pw| %>
<li>
<%= form_tag("/app_passwords", method: "post") do %>
<%= form_tag(app_passwords_path, method: "post") do %>
<%= pw %>
<%= hidden_field_tag(:delete, '', value: pw) %>
&nbsp;<%= submit_tag(t :delete) %>
......@@ -27,7 +27,7 @@
<% end %>
<br />
<%= form_tag("/app_passwords", method: "post") do %>
<%= form_tag(app_passwords_path, method: "post") do %>
<table>
<tr><td>
<%= label_tag(:app_name, (t :app_name)) %>
......
......@@ -2,7 +2,7 @@
<p>
<%= t :delete_account_help %>
</p>
<%= form_tag("/delete_account", method: "post") do %>
<%= form_tag(delete_account_path, method: "post") do %>
<%= label_tag(:pass, (t :password)) %>
<%= password_field_tag(:pass) %>
<%= submit_tag(t :delete) %>
......
<%= form_tag('', method: "post") do %>
<% if @domain %>
<b><%= @domain['domain'] %></b><br /> <br/>
<% else %>
<% @domain = {} %>
<%= label_tag(:domain, (t :domain)) %>
<%= text_field_tag(:domain) %>
<% end %>
<%= form_tag("#{domains_path}/#{URI::escape(@domain['domain'])}", method: "post") do %>
<b><%= @domain['domain'] %></b><br /> <br/>
<%= label_tag(:forward, (t :alias_or_catchall_to)) %>
<%= text_field_tag(:forward, '', value: @domain['forward']) %>
<p>
<input type="checkbox" id="public" name="public" value="yes"
<input type="checkbox" id="ispublic" name="ispublic" value="yes"
<%= if @domain['ispublic'] then 'checked="checked"' else '' end %> />
<%= t(:ispublic) %>
<br />
<input type="checkbox" id="catchall" name="catchall" value="yes"
<input type="checkbox" id="iscatchall" name="iscatchall" value="yes"
<%= if @domain['iscatchall'] then 'checked="checked"' else '' end %> />
<%= t(:catchall) %>
<br />
<input type="checkbox" id="domainalias" name="domainalias" value="yes"
<input type="checkbox" id="isdomainalias" name="isdomainalias" value="yes"
<%= if @domain['isdomainalias'] then 'checked="checked"' else '' end %> />
<%= t(:domainalias) %>
<br />
......@@ -34,10 +28,8 @@
<br />
<br />
<br />
<% if @domain['domain'] %>
<%= form_tag('', method: "post") do %>
<%= form_tag("#{domains_path}/#{URI.escape(@domain['domain'])}/delete", method: "post") do %>
<%= hidden_field_tag(:delete, '', value: true) %>
<%= submit_tag(t :delete) %>
DANGER DATA LOSS!!!
<% end %>
<% end %>
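Review bot: The form actions here are built by interpolating `URI::escape(@domain['domain'])` (and `URI.escape` for the delete form), which leaves reserved characters such as `/`, `?` and `&` unescaped, so a domain value containing one of them changes which path the form posts to. The method is also obsolete and was removed in Ruby 3.0. For a single path segment `ERB::Util.url_encode(@domain['domain'])` is the safer call, or better a route helper that takes the domain as a parameter if the routes file defines one (it is not shown here). The same pattern appears in the domain list link (`"#{domains_path}/#{URI::escape(domain['domain'])}"`) and in the signup form action built from `@token`.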
<%= link_to (t :new), '/domains/create' %>
<%= link_to (t :new), domains_create_path %>
&nbsp;|&nbsp;
<%= link_to "Cancel", admin_path %>
<br />
<br />
<%- if @domains && !@domains.empty? %>
<%- if domains.present? %>
<table class="userlist">
<thead>
<tr>
<% @domains.first.each do |attr, _| %>
<% domains.first.each do |attr, _| %>
<th><%= attr.titlecase %></th>
<%- end %>
</tr>
</thead>
<tbody>
<% @domains.each do |domain| %>
<% domains.each do |domain| %>
<tr>
<% domain.each do |key, val| %>
<td>
<%= if key == 'id' then
link_to((t :edit),
"domains/"+URI::escape("#{domain['domain']}"))
"#{domains_path}/#{URI::escape(domain['domain'])}")
else val end %>
</td>
<%- end %>
......
<%= form_tag(domains_create_path, method: "post") do %>
<%= label_tag(:domain, t(:domain)) %>
<%= text_field_tag(:domain, @domain['domain']) %>
<%= label_tag(:forward, (t :alias_or_catchall_to)) %>
<%= text_field_tag(:forward, @domain['forward']) %>
<p>
<input type="checkbox" id="ispublic" name="ispublic" value="yes"
<%= if @domain['ispublic'] then 'checked="checked"' else '' end %> />
<%= t(:ispublic) %>
<br />
<input type="checkbox" id="iscatchall" name="iscatchall" value="yes"
<%= if @domain['iscatchall'] then 'checked="checked"' else '' end %> />
<%= t(:catchall) %>
<br />
<input type="checkbox" id="isdomainalias" name="isdomainalias" value="yes"
<%= if @domain['isdomainalias'] then 'checked="checked"' else '' end %> />
<%= t(:domainalias) %>
<br />
</p>
<%= submit_tag(t :create) %>
<%= link_to "Cancel", domains_path %>
<% end %>
<h3><%= t(:main_title) %></h3>
<ul class="menu">
<% if admin? %>
<li style='padding-top:10px'><%= link_to (t :admin_page) , admin_path %></li>
<% else %>
<li><%= link_to (t :change_password), password_path %>
<br /><%= t(:change_password_short_help) %>
</li>
<li><%= link_to (t :recovery_email) , recovery_email_path %><% if recovery_email_set? %> (<%= t(:present) %>)<% end %>
<br /><%= t(:recovery_email_short_help) %>
</li>
<% if trees_enabled? %>
<li><%= link_to (t :recovery_token) , trees_token_path %>
<br /><%= t(:trees_token_short_help) %>
</li>
<% if admin? %>
<%# still a feature we want only in beta %>
<li><%= link_to (t :app_passwords) , app_passwords_path %> (beta)
<br /><%= t(:app_passwords_short_help) %>
</li>
<% end %>
<% else %>
<li><%= link_to (t :trees_settings) , trees_path %> (beta)
<br /><%= t(:enable_trees_short_help) %>
</li>
<% end %>
<li style='padding-top:10px'><%= link_to (t :delete_account) , delete_account_path %>
</li>
<% end %>
</ul>
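Review bot: The app-passwords entry is unreachable as written: the inner `<% if admin? %>` sits inside the `<% else %>` branch of the outer `<% if admin? %>`, so it can never be true and the link is never rendered. If the intent is to keep the entry behind the new toggle, the guard would read `<% if feature_toggle?(:app_passwords) %>` (the symbol name is my placeholder); otherwise the block can go. This assumes the section shows the added welcome view rather than the removed index view, which the rendered page does not mark.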
......@@ -10,7 +10,7 @@
</textarea>
<% end %>
<%= form_tag("/invites", method: "post") do %>
<%= form_tag(invites_path, method: "post") do %>
<%= label_tag(:num_tokens, (t :num_tokens)) %>
<%= text_field_tag(:num_tokens) %>
<%= label_tag(:domains, 'domains (comma separated. empty = all public domains)') %>
......
<h3><%= t :change_password %></h3>
<%= form_tag("/password", method: "post") do %>
<%= form_tag(password_path, method: "post") do %>
<table>
<tr><td>
<%= label_tag(:old, (t :old_pw)) %>
......
......@@ -4,7 +4,7 @@
<%= t :recovery_email_help %>
</p>
<%= form_tag("/recovery_email", method: "post") do %>
<%= form_tag(recovery_email_path, method: "post") do %>
<%= label_tag(:recovery_email, (t :recovery_email) + (recovery_email_set? ? " (#{t(:present)})" : '')) %>
<%= text_field_tag(:recovery_email) %>
<br />
......
<h3><%= t :login %></h3>
<%= form_tag('', method: "post") do %>
<%= form_tag(login_path, method: "post") do %>
<table>
<tr><td>
<%= label_tag(:user_id, (t :user_id)) %>
......
<h3><%= t :new_account %></h3>
<%= form_tag("/signup/#{@token}", method: "post") do %>
<%= form_tag("#{signup_path}/#{URI::escape(@token)}", method: "post") do %>
<table>
<tr><td>
<%= label_tag(:email, (t :email)) %>
......