diff --git a/.github/workflows/test-and-lint.yml b/.github/workflows/test-and-lint.yml
index b5b93ac7..8c2ccc80 100644
--- a/.github/workflows/test-and-lint.yml
+++ b/.github/workflows/test-and-lint.yml
@@ -22,6 +22,15 @@ jobs:
 POSTGRES_DB: knewhub_test
 POSTGRES_USER: rails
 POSTGRES_PASSWORD: password
+ redis:
+ image: redis
+ options: >-
+ --health-cmd "redis-cli ping"
+ --health-interval 10s
+ --health-timeout 5s
+ --health-retries 5
+ ports:
+ - 6379:6379
 env:
 RAILS_ENV: test
 DATABASE_URL: "postgres://rails:password@localhost:5432/knewhub_test"
diff --git a/app/views/dashboard/application/_navigation.html.erb b/app/views/dashboard/application/_navigation.html.erb
index 8d1be26b..4aa1f3e5 100644
--- a/app/views/dashboard/application/_navigation.html.erb
+++ b/app/views/dashboard/application/_navigation.html.erb
@@ -7,7 +7,8 @@ <%= link_to 'Edit MFA credentials', webauthn_credentials_path, class: "button button--alt button--nav" %>
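Review bot: In the `.github/workflows/test-and-lint.yml` hunk the new service uses `image: redis` with no tag, so each CI run pulls whatever `latest` points to at that moment. Pinning a version tag, or better a digest, keeps the test environment reproducible and narrows the supply-chain exposure of the job, for example `image: redis:<VERSION>@sha256:<DIGEST>` filled in with the version the project actually deploys. The Postgres service definition starts above this hunk, so whether it is pinned cannot be seen from here.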
- + <%= link_to 'Sidekiq dashboard', sidekiq_web_path, class: "button button--alt button--nav" %> + <%= link_to(t("administrate.navigation.back_to_app"), root_url, class: "button button--alt button--nav") if defined?(root_url) %> <% Administrate::Namespace.new(namespace).resources_with_index_route.each do |resource| %>
diff --git a/config/environments/test.rb b/config/environments/test.rb
index e8f4ba75..d4d0b297 100644
--- a/config/environments/test.rb
+++ b/config/environments/test.rb
@@ -24,7 +24,7 @@
 }
 # Show full error reports and disable caching.
- config.consider_all_requests_local = true
+ config.consider_all_requests_local = false
 config.action_controller.perform_caching = false
 config.cache_store = :null_store
diff --git a/config/routes.rb b/config/routes.rb
index a2261fce..365ad703 100644
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -1,3 +1,5 @@
+require 'sidekiq/web'
+
 Rails.application.routes.draw do
 # Static pages
 root 'static_pages#index'
@@ -62,6 +64,10 @@
 patch :toggle_banned_status, on: :member
 end
+ constraints(Constraints::AdministratorRouteConstraint.new) do
+ mount Sidekiq::Web => '/sidekiq'
+ end
+
 # Webhooks
 post '/webhooks/github/:uuid', to: 'webhooks/github#create'
 end
diff --git a/lib/constraints/administrator_route_constraint.rb b/lib/constraints/administrator_route_constraint.rb
new file mode 100644
index 00000000..c8ad318f
--- /dev/null
+++ b/lib/constraints/administrator_route_constraint.rb
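Review bot: In `config/environments/test.rb` the context comment `# Show full error reports and disable caching.` no longer matches the setting beneath it once `consider_all_requests_local` is `false`. The flag applies to every spec in the suite, not only the new Sidekiq one, so the reason deserves to be written down; presumably it is there so the system spec can assert on the rendered 404 page. Suggested wording: `# Render the public error pages instead of full error reports (system specs assert on the 404 page); disable caching.` The enclosing configuration block starts and ends outside the hunk.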
@@ -0,0 +1,27 @@
+module Constraints
+ class AdministratorRouteConstraint
+ def matches?(request)
+ @request = request
+ administrator_signed_in?
+ end
+
+ private
+
+ def current_administrator
+ validate_session
+ return unless @request.session[:administrator_id]
+
+ @current_administrator ||= Administrator.find(@request.session[:administrator_id])
+ end
+
+ def administrator_signed_in?
+ !!current_administrator
+ end
+
+ def validate_session
+ return if @request.session[:administrator_expires_at].nil?
+
+ @request.session[:administrator_id] = nil if @request.session[:administrator_expires_at] < Time.current
+ end
+ end
+end
diff --git a/spec/systems/sidekiq_web_spec.rb b/spec/systems/sidekiq_web_spec.rb
new file mode 100644
index 00000000..a61eec27
--- /dev/null
+++ b/spec/systems/sidekiq_web_spec.rb
@@ -0,0 +1,30 @@
+require 'rails_helper'
+
+RSpec.describe 'Sidekiq::Web', type: :system do
+ context 'when logged in as an administrator' do
+ let(:administrator) { create(:administrator) }
+
+ it 'can access the Sidekiq UI' do
+ page.set_rack_session(administrator_id: administrator.id)
+ visit sidekiq_web_path
+ expect(page).to have_content('Sidekiq')
+ end
+ end
+
+ context 'when logged in as a user' do
+ it 'cannot access the Sidekiq UI' do
+ visit sidekiq_web_path
+ expect(page).to have_content('404')
+ end
+ end
+
+ context 'when not logged in as an administrator' do
+ let(:user) { create(:user) }
+
+ it 'cannot access the Sidekiq UI' do
+ sign_in user
+ visit sidekiq_web_path
+ expect(page).to have_content('404')
+ end
+ end
+end
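Review bot: `AdministratorRouteConstraint` in `lib/constraints/administrator_route_constraint.rb` keeps per-request state in instance variables, but `config/routes.rb` builds a single instance with `.new` when the routes are drawn, so that one object serves every request in the process. `@current_administrator ||= ...` therefore keeps the first administrator it loads, and later requests carrying any `administrator_id` are accepted without a database lookup, including a session whose administrator record has since been deleted; on a multi-threaded server `@request` can also be reassigned by another request between `matches?` and the session reads. Keep the check free of instance state and use a lookup that returns false rather than raising, as sketched below (assuming `Administrator` is an ActiveRecord model). Separately, `validate_session` treats a missing `administrator_expires_at` as never expiring, so confirm that the login flow always sets it and only sets `administrator_id` after the MFA step has completed.

```ruby
  class AdministratorRouteConstraint
    def matches?(request)
      session = request.session
      expire_administrator_session(session)
      administrator_id = session[:administrator_id]
      return false unless administrator_id

      Administrator.exists?(id: administrator_id)
    end

    private

    # Drops the administrator id once the stored expiry has passed.
    def expire_administrator_session(session)
      expires_at = session[:administrator_expires_at]
      session[:administrator_id] = nil if expires_at && expires_at < Time.current
    end
  end
```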
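Review bot: The two negative contexts in `spec/systems/sidekiq_web_spec.rb` have their descriptions swapped: `'when logged in as a user'` visits the page without signing anyone in, while `'when not logged in as an administrator'` is the one that calls `sign_in user`. Renaming them, for example to `'when not logged in'` and `'when logged in as a user'`, makes a failure report point at the right case. The spec also leaves the expiry branch of the constraint uncovered; a case that sets `administrator_expires_at` to a past time alongside `administrator_id` and expects the 404 page would pin that behaviour, and another for an `administrator_id` whose record no longer exists would cover the lookup.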