trestle-auth icon indicating copy to clipboard operation
trestle-auth copied to clipboard

Published 20 hours ago verified publisher icon TrestleAdmin

dont raise an exception if the before_actions are not defined

Open sudoaza opened this issue 4 years ago • 3 comments

This fixes an error when using a custom controller and not defining either of the before filters

sudoaza avatar Jun 08 '20 20:06 sudoaza

CLA assistant check
Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you sign our Contributor License Agreement before we can accept your contribution.

aza seems not to be a GitHub user. You need a GitHub account to be able to sign the CLA. If you have already a GitHub account, please add the email address used for this commit to your account.
You have signed the CLA already but the status is still pending? Let us recheck it.

CLAassistant avatar Jun 08 '20 20:06 CLAassistant

Thanks for the contribution. This looks like it is probably okay to merge (once I fix the Travis errors).

However I'm curious as to how you are defining your custom controller that is causing an issue? Is it a custom sessions controller (perhaps inheriting from Trestle::Auth::SessionsController)? Otherwise I'm not sure what situation it might be fixing.

spohlenz avatar Jun 10 '20 01:06 spohlenz

It may be a mess i made because of my setup, i wanted to allow access to users logged with devise but who were internal and sharing the same model. This is what i did.

lib/trestle/auth/controller_methods.rb

module Trestle
  module Auth
    module ControllerMethods
      extend ActiveSupport::Concern

      included do
        before_action :authenticate_user!
        before_action :require_authenticated_user
      end

      protected

      def require_internal!
        redirect_to "/" unless current_user.internal?
        return false
      end

      def require_authenticated_user
        current_user && require_internal!
      end
    end
  end
end

config/initializers/trestle.rb

Trestle.configure do |config|
  # ...
  config.auth.backend = :devise

  config.auth.user_class = -> { User }

  # afaik this is ignored, it didn't work by itself
  config.auth.user_scope = -> { User.internal }

  # ...
end

require  File.join(Rails.root, 'lib', 'trestle', 'auth', 'controller_methods.rb')
Trestle::ApplicationController.send(:include, Trestle::Auth::ControllerMethods)

versions:

  • trestle (0.9.3)
  • trestle-auth (0.4.0)
  • devise (4.5.0)
  • rails (5.2.4.3)

Also, did i break the specs or is it unrelated? I can fix the PR

sudoaza avatar Jun 10 '20 16:06 sudoaza