Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Backport 'Don't allow access to admin panel without ToS acceptance' to v0.27 #11042

Conversation

alecslupu
Copy link
Contributor

🎩 What? Why?

Backport #10117 to v0.27

♥️ Thank you!

@alecslupu alecslupu added backport Pull Requests that are a backport for a fixed bug module: admin type: fix PRs that implement a fix for a bug labels Jun 15, 2023
@alecslupu alecslupu force-pushed the backport/0.27/dont-allow-access-to-admin-pan-10117 branch 3 times, most recently from 346ed3f to 97edc4c Compare June 15, 2023 10:50
@alecslupu alecslupu added this to the 0.27.4 milestone Jun 15, 2023
* Don't allow access to admin panel without ToS acceptance

* Add redirection to previous page after accepting ToS

* Use have_content instead of have_text

* Running spellcheck linters

* Fix specs

* Fix permissions on Templates when user is not admin

* Fix specs

* Fix i18n string scope from merge

* Workaround for admin ToS acceptance in Initiatives

After #5736, the initiatives' authors and commitee members should not
have access to the admin panel.

The problem is that with the change of the Terms of Service acceptance
in the admin panel this is changing, so there's still some leftovers in
the initiatives' permissions.

As I only want to focus on ToS acceptance for now, I'll skip these specs
and fix the real problem (cleaning the leftovers from #5736) on another
PR to keep this small.

* Fix typo

* Fix for possible Cookie overflow with a long list of URL params

Detected by code review

* Remove unecessary namespaces

* Fix spec

* Bring consistency to the spec messages

* "has not accepted" sounds better than "did not accepted"
* sometimes I was using "has a message" and other times "shows a
  message"
* sometimes we were using ToS and other times TOS

* Add missing specs for Templates' specs

* Remove unecessary return

Apply suggestions from code review

Co-authored-by: Antti Hukkanen <[email protected]>

* Fix the stored request.path to not mess with the frontend's stored location

Apply suggestions from code review

Co-authored-by: Antti Hukkanen <[email protected]>

* Fetch from stored_location_for so the session value is cleaned

Apply suggestions from code review

Co-authored-by: Antti Hukkanen <[email protected]>

* Fix traits usages in factories calls

Apply suggestions from code review

Co-authored-by: Antti Hukkanen <[email protected]>

* Introduce "needs admin TOS accepted" shared example

* Fix rubocop offenses

* Fix rubocop offenses

* Make the user configurable for "needs admin TOS accepted" shared example

* Fix rubocop offense

* Refactor spec to shared examples

* Add example for roles that aren't admin

---------

Co-authored-by: Alexandru Emil Lupu <[email protected]>
Co-authored-by: Antti Hukkanen <[email protected]>
@alecslupu alecslupu force-pushed the backport/0.27/dont-allow-access-to-admin-pan-10117 branch from 97edc4c to 2aaffd3 Compare June 15, 2023 11:59
@andreslucena andreslucena merged commit 8d96cd8 into release/0.27-stable Jun 16, 2023
@andreslucena andreslucena deleted the backport/0.27/dont-allow-access-to-admin-pan-10117 branch June 16, 2023 07:20
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
backport Pull Requests that are a backport for a fixed bug module: admin type: fix PRs that implement a fix for a bug
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants