Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Allowed email with admin@yeswehack.ninja to be admin users #1799

Merged
merged 1 commit into from
Feb 13, 2025
Merged

Allowed email with admin@yeswehack.ninja to be admin users #1799

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
84 changes: 48 additions & 36 deletions Gemfile.lock
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -78,7 +78,7 @@ GEM
uri (>= 0.13.1)
addressable (2.8.7)
public_suffix (>= 2.0.2, < 7.0)
algolia (3.8.2)
algolia (3.12.1)
base64 (>= 0.2.0, < 1)
faraday (>= 1.0.1, < 3.0)
faraday-net_http_persistent (>= 0.15, < 3)
Expand Down Expand Up @@ -107,7 +107,7 @@ GEM
brakeman (7.0.0)
racc
builder (3.3.0)
bullet (8.0.0)
bullet (8.0.1)
activesupport (>= 3.0.0)
uniform_notifier (~> 1.11)
byebug (11.1.3)
Expand Down Expand Up @@ -135,7 +135,7 @@ GEM
ferrum (~> 0.15.0)
date (3.4.1)
debug_inspector (1.2.0)
diff-lcs (1.5.1)
diff-lcs (1.6.0)
docile (1.4.1)
domain_name (0.6.20240107)
draper (4.0.4)
Expand All @@ -149,8 +149,8 @@ GEM
erubi (1.13.1)
et-orbi (1.2.11)
tzinfo
factory_bot (6.5.0)
activesupport (>= 5.0.0)
factory_bot (6.5.1)
activesupport (>= 6.1.0)
factory_bot_rails (6.4.4)
factory_bot (~> 6.5)
railties (>= 5.0.0)
Expand All @@ -175,7 +175,9 @@ GEM
concurrent-ruby (~> 1.1)
webrick (~> 1.7)
websocket-driver (~> 0.7)
ffi (1.16.3)
ffi (1.17.1-aarch64-linux-gnu)
ffi (1.17.1-arm64-darwin)
ffi (1.17.1-x86_64-linux-gnu)
formatador (1.1.0)
fugit (1.11.1)
et-orbi (~> 1, >= 1.2.11)
Expand All @@ -191,12 +193,14 @@ GEM
fugit (>= 1.1)
railties (>= 6.0.0)
thor (>= 0.14.1)
guard (2.18.1)
guard (2.19.1)
formatador (>= 0.2.4)
listen (>= 2.7, < 4.0)
logger (~> 1.6)
lumberjack (>= 1.0.12, < 2.0)
nenv (~> 0.1)
notiffany (~> 0.0)
ostruct (~> 0.6)
pry (>= 0.13.0)
shellany (~> 0.0)
thor (>= 0.18.1)
Expand All @@ -207,9 +211,10 @@ GEM
rspec (>= 2.99.0, < 4.0)
hashdiff (1.1.2)
hashie (5.0.0)
highline (3.0.1)
highline (3.1.2)
reline
http-accept (1.7.0)
http-cookie (1.0.7)
http-cookie (1.0.8)
domain_name (~> 0.5)
i18n (1.14.7)
concurrent-ruby (~> 1.0)
Expand All @@ -230,7 +235,7 @@ GEM
pp (>= 0.6.0)
rdoc (>= 4.0.0)
reline (>= 0.4.2)
json (2.9.1)
json (2.10.1)
jwt (2.10.1)
base64
kaminari (1.2.2)
Expand All @@ -245,22 +250,22 @@ GEM
activerecord
kaminari-core (= 1.2.2)
kaminari-core (1.2.2)
kramdown (2.4.0)
rexml
kramdown (2.5.1)
rexml (>= 3.3.9)
kramdown-parser-gfm (1.1.0)
kramdown (~> 2.0)
language_server-protocol (3.17.0.4)
listen (3.9.0)
rb-fsevent (~> 0.10, >= 0.10.3)
rb-inotify (~> 0.9, >= 0.9.10)
logger (1.6.5)
logger (1.6.6)
logstasher (2.1.5)
activesupport (>= 5.2)
request_store
loofah (2.24.0)
crass (~> 1.0.2)
nokogiri (>= 1.12.0)
lumberjack (1.2.9)
lumberjack (1.2.10)
mail (2.8.1)
mini_mime (>= 0.1.1)
net-imap
Expand All @@ -274,27 +279,29 @@ GEM
marcel (1.0.4)
matrix (0.4.2)
method_source (1.1.0)
mime-types (3.5.2)
mime-types (3.6.0)
logger
mime-types-data (~> 3.2015)
mime-types-data (3.2024.0820)
mime-types-data (3.2025.0204)
mini_mime (1.1.5)
minitest (5.25.4)
mjml-rails (4.14.0)
msgpack (1.7.2)
multi_xml (0.6.0)
msgpack (1.8.0)
multi_xml (0.7.1)
bigdecimal (~> 3.1)
nenv (0.3.0)
net-http (0.6.0)
uri
net-http-persistent (4.0.5)
connection_pool (~> 2.2)
net-imap (0.5.1)
net-imap (0.5.6)
date
net-protocol
net-pop (0.1.2)
net-protocol
net-protocol (0.2.2)
timeout
net-smtp (0.5.0)
net-smtp (0.5.1)
net-protocol
netrc (0.11.0)
nio4r (2.7.4)
Expand Down Expand Up @@ -325,6 +332,7 @@ GEM
actionpack (>= 4.2)
omniauth (~> 2.0)
optimist (3.2.0)
ostruct (0.6.1)
parallel (1.26.3)
parser (3.3.7.1)
ast (~> 2.4.1)
Expand Down Expand Up @@ -357,13 +365,14 @@ GEM
activesupport (>= 3.0.0)
raabro (1.4.0)
racc (1.8.1)
rack (3.1.9)
rack (3.1.10)
rack-cors (2.0.2)
rack (>= 2.0.0)
rack-mini-profiler (3.3.1)
rack (>= 1.2.0)
rack-protection (4.0.0)
rack-protection (4.1.1)
base64 (>= 0.1.0)
logger (>= 1.6.0)
rack (>= 3.0.0, < 4)
rack-session (2.1.0)
base64 (>= 0.1.0)
Expand Down Expand Up @@ -414,13 +423,13 @@ GEM
activesupport (>= 6.1.5)
i18n
rb-fsevent (0.11.2)
rb-inotify (0.10.1)
rb-inotify (0.11.1)
ffi (~> 1.0)
rdoc (6.12.0)
psych (>= 4.0.0)
redis (5.3.0)
redis-client (>= 0.22.0)
redis-client (0.22.2)
redis-client (0.23.2)
connection_pool
regexp_parser (2.10.0)
reline (0.6.0)
Expand All @@ -433,7 +442,7 @@ GEM
mime-types (>= 1.16, < 4.0)
netrc (~> 0.8)
rexml (3.4.0)
rouge (4.1.3)
rouge (4.5.1)
rspec (3.13.0)
rspec-core (~> 3.13.0)
rspec-expectations (~> 3.13.0)
Expand Down Expand Up @@ -528,9 +537,9 @@ GEM
sprockets (4.2.1)
concurrent-ruby (~> 1.0)
rack (>= 2.2.4, < 4)
sprockets-rails (3.4.2)
actionpack (>= 5.2)
activesupport (>= 5.2)
sprockets-rails (3.5.2)
actionpack (>= 6.1)
activesupport (>= 6.1)
sprockets (>= 3.0.0)
stringio (3.1.2)
strong_migrations (2.2.0)
Expand All @@ -539,10 +548,10 @@ GEM
attr_extras (>= 6.2.4)
diff-lcs
patience_diff
terminal-table (3.0.2)
unicode-display_width (>= 1.1.1, < 3)
terminal-table (4.0.0)
unicode-display_width (>= 1.1.1, < 4)
thor (1.3.2)
tilt (2.3.0)
tilt (2.6.0)
timecop (0.9.10)
timeout (0.4.3)
tty-color (0.6.0)
Expand All @@ -551,12 +560,14 @@ GEM
railties (>= 6.0.0)
tzinfo (2.0.6)
concurrent-ruby (~> 1.0)
unicode-display_width (2.6.0)
unicode-display_width (3.1.4)
unicode-emoji (~> 4.0, >= 4.0.4)
unicode-emoji (4.0.4)
uniform_notifier (1.16.0)
unindent (1.0)
uri (1.0.2)
useragent (0.16.11)
version_gem (1.1.3)
version_gem (1.1.4)
web-console (4.2.1)
actionview (>= 6.0.0)
activemodel (>= 6.0.0)
Expand All @@ -566,8 +577,9 @@ GEM
addressable (>= 2.8.0)
crack (>= 0.3.2)
hashdiff (>= 0.4.0, < 2.0.0)
webrick (1.9.0)
websocket-driver (0.7.6)
webrick (1.9.1)
websocket-driver (0.7.7)
base64
websocket-extensions (>= 0.1.0)
websocket-extensions (0.1.5)
wicked (2.0.0)
Expand All @@ -576,7 +588,7 @@ GEM
nokogiri (~> 1.8)
yajl-ruby (1.4.3)
zeitwerk (2.7.1)
zlib (3.2.0)
zlib (3.2.1)

PLATFORMS
aarch64-linux
Expand Down
14 changes: 12 additions & 2 deletions app/models/user.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -66,16 +66,26 @@ def editor?
editor.present?
end

# rubocop:disable Metrics/AbcSize
def admin?
if Rails.env.production?
Rails.application.credentials.admin_emails.include?(email)
elsif Rails.env.development? || Rails.env.staging?
%w[
api-entreprise@yopmail.com
api-particulier@yopmail.com
].include?(email)
].include?(email) || email_from_ywh(email)
else
email =~ /@beta.gouv.fr$/
email_from_beta(email)
end
end
# rubocop:enable Metrics/AbcSize

def email_from_ywh(email)
/admin@yeswehack.ninja$/.match?(email)
end

def email_from_beta(email)
/@beta.gouv.fr$/.match?(email)
end
end
2 changes: 1 addition & 1 deletion db/schema.rb
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

28 changes: 28 additions & 0 deletions spec/models/user_spec.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -89,4 +89,32 @@
expect(subject.size).to eq(1)
end
end

describe 'admin?' do
subject { described_class.find_or_initialize_by_email(email).admin? }

context 'when in staging' do
before do
allow(Rails.env).to receive(:staging?).and_return(true)
end

context 'when email belongs to the yeswehack ninja domain' do
let(:email) { 'test_admin@yeswehack.ninja' }

it { is_expected.to be(true) }
end

context 'when email is a specific admin email' do
let(:email) { 'api-entreprise@yopmail.com' }

it { is_expected.to be(true) }
end

context 'when email does not belong to an admin' do
let(:email) { 'not_an_admin@yopmail.com' }

it { is_expected.to be(false) }
end
end
end
end