Feature: Introduce Super Admins (#705)

* Feature: Introduce Super Admins - added new devise model for super user - added administrate gem - sample dashboards for users and accounts Co-authored-by: Pranav Raj Sreepuram <pranavrajs@gmail.com>
2020-05-11 23:07:22 +05:30
parent 8859880e55
commit c74b5c21d7
37 changed files with 964 additions and 35 deletions
--- a/spec/controllers/api/v1/accounts/accounts_controller_spec.rb
+++ b/spec/controllers/api/v1/accounts/accounts_controller_spec.rb
@@ -2,9 +2,10 @@ require 'rails_helper'

 RSpec.describe 'Accounts API', type: :request do
  describe 'POST /api/v1/accounts' do
+    let(:email) { Faker::Internet.email }
+
    context 'when posting to accounts with correct parameters' do
      let(:account_builder) { double }
-      let(:email) { Faker::Internet.email }
      let(:account) { create(:account) }
      let(:user) { create(:user, email: email, account: account) }

@@ -22,7 +23,7 @@ RSpec.describe 'Accounts API', type: :request do
             params: params,
             as: :json

-        expect(AccountBuilder).to have_received(:new).with(params)
+        expect(AccountBuilder).to have_received(:new).with(params.merge(confirmed: false))
        expect(account_builder).to have_received(:perform)
        expect(response.headers.keys).to include('access-token', 'token-type', 'client', 'expiry', 'uid')
      end
@@ -36,16 +37,45 @@ RSpec.describe 'Accounts API', type: :request do
             params: params,
             as: :json

-        expect(AccountBuilder).to have_received(:new).with(params)
+        expect(AccountBuilder).to have_received(:new).with(params.merge(confirmed: false))
+        expect(account_builder).to have_received(:perform)
+        expect(response).to have_http_status(:forbidden)
+        expect(response.body).to eq({ message: I18n.t('errors.signup.failed') }.to_json)
+      end
+
+      it 'ignores confirmed param when called with out super admin token' do
+        allow(account_builder).to receive(:perform).and_return(nil)
+
+        params = { account_name: 'test', email: email, confirmed: true }
+
+        post api_v1_accounts_url,
+             params: params,
+             as: :json
+
+        expect(AccountBuilder).to have_received(:new).with(params.merge(confirmed: false))
        expect(account_builder).to have_received(:perform)
        expect(response).to have_http_status(:forbidden)
        expect(response.body).to eq({ message: I18n.t('errors.signup.failed') }.to_json)
      end
    end

-    context 'when ENABLE_ACCOUNT_SIGNUP env variable is set to false' do
-      let(:email) { Faker::Internet.email }
+    context 'when called with super admin token' do
+      let(:super_admin) { create(:super_admin) }

+      it 'calls account builder with confirmed true when confirmed param is passed' do
+        params = { account_name: 'test', email: email, confirmed: true }
+
+        post api_v1_accounts_url,
+             params: params,
+             headers: { api_access_token: super_admin.access_token.token },
+             as: :json
+
+        expect(User.find_by(email: email).confirmed?).to eq(true)
+        expect(response.headers.keys).to include('access-token', 'token-type', 'client', 'expiry', 'uid')
+      end
+    end
+
+    context 'when ENABLE_ACCOUNT_SIGNUP env variable is set to false' do
      it 'responds 404 on requests' do
        params = { account_name: 'test', email: email }
        ENV['ENABLE_ACCOUNT_SIGNUP'] = 'false'
@@ -60,8 +90,6 @@ RSpec.describe 'Accounts API', type: :request do
    end

    context 'when ENABLE_ACCOUNT_SIGNUP env variable is set to api_only' do
-      let(:email) { Faker::Internet.email }
-
      it 'does not respond 404 on requests' do
        params = { account_name: 'test', email: email }
        ENV['ENABLE_ACCOUNT_SIGNUP'] = 'api_only'
--- a/spec/controllers/super_admin/access_tokens_controller_spec.rb
+++ b/spec/controllers/super_admin/access_tokens_controller_spec.rb
@@ -0,0 +1,24 @@
+require 'rails_helper'
+
+RSpec.describe 'Super Admin access tokens API', type: :request do
+  let(:super_admin) { create(:super_admin) }
+
+  describe 'GET /super_admin/access_tokens' do
+    context 'when it is an unauthenticated super admin' do
+      it 'returns unauthorized' do
+        get '/super_admin/'
+        expect(response).to have_http_status(:redirect)
+      end
+    end
+
+    context 'when it is an authenticated super admin' do
+      it 'shows the list of access tokens' do
+        sign_in super_admin
+        get '/super_admin/access_tokens'
+        expect(response).to have_http_status(:success)
+        expect(response.body).to include('New access token')
+        expect(response.body).to include(super_admin.access_token.token)
+      end
+    end
+  end
+end
--- a/spec/controllers/super_admin/accounts_controller_spec.rb
+++ b/spec/controllers/super_admin/accounts_controller_spec.rb
@@ -0,0 +1,26 @@
+require 'rails_helper'
+
+RSpec.describe 'Super Admin accounts API', type: :request do
+  let(:super_admin) { create(:super_admin) }
+
+  describe 'GET /super_admin/accounts' do
+    context 'when it is an unauthenticated user' do
+      it 'returns unauthorized' do
+        get '/super_admin/accounts'
+        expect(response).to have_http_status(:redirect)
+      end
+    end
+
+    context 'when it is an authenticated user' do
+      let!(:account) { create(:account) }
+
+      it 'shows the list of accounts' do
+        sign_in super_admin
+        get '/super_admin/accounts'
+        expect(response).to have_http_status(:success)
+        expect(response.body).to include('New account')
+        expect(response.body).to include(account.name)
+      end
+    end
+  end
+end
--- a/spec/controllers/super_admin/super_admins_controller_spec.rb
+++ b/spec/controllers/super_admin/super_admins_controller_spec.rb
@@ -0,0 +1,24 @@
+require 'rails_helper'
+
+RSpec.describe 'Super Admin super admins API', type: :request do
+  let(:super_admin) { create(:super_admin) }
+
+  describe 'GET /super_admin/users' do
+    context 'when it is an unauthenticated super admin' do
+      it 'returns unauthorized' do
+        get '/super_admin/super_admins'
+        expect(response).to have_http_status(:redirect)
+      end
+    end
+
+    context 'when it is an authenticated super admin' do
+      it 'shows the list of super admins' do
+        sign_in super_admin
+        get '/super_admin/super_admins'
+        expect(response).to have_http_status(:success)
+        expect(response.body).to include('New super admin')
+        expect(response.body).to include(super_admin.email)
+      end
+    end
+  end
+end
--- a/spec/controllers/super_admin/users_controller_spec.rb
+++ b/spec/controllers/super_admin/users_controller_spec.rb
@@ -0,0 +1,26 @@
+require 'rails_helper'
+
+RSpec.describe 'Super Admin Users API', type: :request do
+  let(:super_admin) { create(:super_admin) }
+
+  describe 'GET /super_admin/users' do
+    context 'when it is an unauthenticated super admin' do
+      it 'returns unauthorized' do
+        get '/super_admin/'
+        expect(response).to have_http_status(:redirect)
+      end
+    end
+
+    context 'when it is an authenticated super admin' do
+      let!(:user) { create(:user) }
+
+      it 'shows the list of users' do
+        sign_in super_admin
+        get '/super_admin'
+        expect(response).to have_http_status(:success)
+        expect(response.body).to include('New user')
+        expect(response.body).to include(user.name)
+      end
+    end
+  end
+end
--- a/spec/controllers/super_admin_controller_spec.rb
+++ b/spec/controllers/super_admin_controller_spec.rb
@@ -0,0 +1,46 @@
+require 'rails_helper'
+
+RSpec.describe 'Super Admin', type: :request do
+  let(:super_admin) { create(:super_admin) }
+
+  describe 'request to /super_admin' do
+    context 'when the super admin is unauthenticated' do
+      it 'redirects to signin page' do
+        get '/super_admin/'
+        expect(response).to have_http_status(:redirect)
+        expect(response.body).to include('sign_in')
+      end
+
+      it 'signs super admin in and out' do
+        sign_in super_admin
+        get '/super_admin'
+        expect(response).to have_http_status(:success)
+        expect(response.body).to include('New user')
+
+        sign_out super_admin
+        get '/super_admin'
+        expect(response).to have_http_status(:redirect)
+      end
+    end
+  end
+
+  describe 'request to /super_admin/sidekiq' do
+    context 'when the super admin is unauthenticated' do
+      it 'redirects to signin page' do
+        get '/monitoring/sidekiq'
+        expect(response).to have_http_status(:not_found)
+        expect(response.body).to include('sign_in')
+      end
+
+      it 'signs super admin in and out' do
+        sign_in super_admin
+        get '/monitoring/sidekiq'
+        expect(response).to have_http_status(:success)
+
+        sign_out super_admin
+        get '/monitoring/sidekiq'
+        expect(response).to have_http_status(:not_found)
+      end
+    end
+  end
+end
--- a/spec/factories/super_admins.rb
+++ b/spec/factories/super_admins.rb
@@ -0,0 +1,6 @@
+FactoryBot.define do
+  factory :super_admin do
+    email { "admin@#{SecureRandom.uuid}.com" }
+    password { 'password' }
+  end
+end
--- a/spec/models/super_admin_spec.rb
+++ b/spec/models/super_admin_spec.rb
@@ -0,0 +1,5 @@
+require 'rails_helper'
+
+RSpec.describe SuperAdmin, type: :model do
+  pending "add some examples to (or delete) #{__FILE__}"
+end
--- a/spec/rails_helper.rb
+++ b/spec/rails_helper.rb
@@ -61,6 +61,8 @@ RSpec.configure do |config|
  config.filter_rails_from_backtrace!
  # arbitrary gems may also be filtered via:
  # config.filter_gems_from_backtrace("gem name")
+
+  config.include Devise::Test::IntegrationHelpers, type: :request
 end

 Shoulda::Matchers.configure do |config|